Hi,
As far as my understanding goes, the client(Browser) sends the cached password to
the
apache webserver, which passes it to the ldap module to authenticate. The module
maintains the
cache of ldap data, and verifies it from there, and from the ldap server if the data
is not in
the cache.
Now if the module can reject the password (even if it is valid), if I click on
logout
button, the browser would be forced to ask for new password. At this time the user can
enter
the new username/password.
What I was thinking of was to tinker with the mod_ldap_auth (or mod_auth_ldap :-)
)
module to perform this based on certian criteria (could be a per user reset file, or a
database entry, or even a IPC Signal...! )
I can't help, the programmer in me wakes up occasionally!
Regards,
Rajat
Sandip Bhattacharya wrote:
> Just a question. The normal http_auth works by making the client send the
> encoded password *everytime* for accessing files in that realm. So all an user
> has to do is to close the browser after finishing to take the password of its own
>cache.
> Apache itself thus doesnt maintain a cache itself.
>
> How does apache handle authentication with the client. Internally, instead
> of accessing the .htaccess/.htpasswd files, it would be consulting the ldap server.
> But does it have a different mode for asking the client for a password? Or does
> that part changes?
>
> - Sandip
>
> On Tue, Jan 29, 2002 at 02:53:46PM +0530, Rajat Bhatia spoke out thus:
> > Hi,
> > I am using mod_auth_ldap in apache to authenticate users through the ldap
>server.
> > Now the problem is, that once a user is authenticated, it remains in cache and
>he/she
> > need not enter the password again (for the same realm)
> > I wanted to implement a kind of logout facility, on a website here. Is it
>possible
> > somehow? Can we remove a particular user from the cache that the apache module
>maintains?
> >
>
> --
> Sandip Bhattacharya
> sandipb @ bigfoot.com
> http://www.sandipb.net
> ----------------------------
>
> ================================================
> To subscribe, send email to [EMAIL PROTECTED] with subscribe in subject header
> To unsubscribe, send email to [EMAIL PROTECTED] with unsubscribe in subject
>header
> Archives are available at http://www.mail-archive.com/ilugd%40wpaa.org
> =================================================
-- - Popi Classification -------------------------------------------------------
Classification applies if checked...
[ ] General Business Information
[ ] Motorola Internal Use only
[ ] Motorola Confidential Proprietary
--- A Nice Quote --------------------------------------------------------------
"When the only tool you have is a hammer, you tend to treat everything as if it were a
nail."
-- Abraham Maslow
-- Contact Me -----------------------------------------------------------------
Rajat Bhatia
[EMAIL PROTECTED]
Tel: +91-124-6307212 Ext 1350
+91-124-6303212 EPABX Operator
Fax : +91-124-6306679
================================================
To subscribe, send email to [EMAIL PROTECTED] with subscribe in subject header
To unsubscribe, send email to [EMAIL PROTECTED] with unsubscribe in subject header
Archives are available at http://www.mail-archive.com/ilugd%40wpaa.org
=================================================
