On Thu, Feb 09, 2017 at 12:47:16AM -0500, Selva Nair wrote:
> Hi,
>
> On Thu, Feb 9, 2017 at 12:10 AM, Antonio Quartulli wrote:
>
> >
> > > I would consider username as not sensitive material although not sure
> > > everyone would agree. Unfortunately there is no way to know in advance
> > that
On Wed, Feb 08, 2017 at 11:58:32PM -0500, Selva Nair wrote:
> Hi,
>
> On Wed, Feb 8, 2017 at 10:01 PM, Antonio Quartulli wrote:
>
> > On Wed, Feb 08, 2017 at 02:25:44PM -0500, selva.n...@gmail.com wrote:
> > > From: Selva Nair
> > >
> > > - Keep the username even if auth-nocache is specified so
Hi,
On Wed, Feb 8, 2017 at 10:01 PM, Antonio Quartulli wrote:
> On Wed, Feb 08, 2017 at 02:25:44PM -0500, selva.n...@gmail.com wrote:
> > From: Selva Nair
> >
> > - Keep the username even if auth-nocache is specified so that
> > any auth_token pushed by the server could be utilized
>
> This m
On Wed, Feb 08, 2017 at 02:25:44PM -0500, selva.n...@gmail.com wrote:
> From: Selva Nair
>
> - Keep the username even if auth-nocache is specified so that
> any auth_token pushed by the server could be utilized
This means that even when using no auth-token the username will be cached.
Can this
From: Selva Nair
- Keep the username even if auth-nocache is specified so that
any auth_token pushed by the server could be utilized
- When auth-token is received, set nocache = false in user_pass
Note: When handling of auth failure due to token expiry is fixed, remember
to re-instate nocache
