On Mon, 1 Nov 1999, Robin Berjon wrote:

> At 11:44 01/11/1999 -0800, Doug MacEachern wrote:
> >On Mon, 1 Nov 1999, Wyman Eric Miles wrote:
> >> The next question is, when the cookie expires 2 hours later, the initial
> >> SecurID user/password has long since expired.  How do I cause the module
> >> to force the basic auth dialogs again?
> >> 
> >>             $r -> note_basic_auth_failure;
> >>             return AUTH_REQUIRED;
> >> 
> >> Doesn't seem to work.
> >
> >that's cause netscape, ie, etc, cache basic credentials.  so even though a
> >401 code is sent to the client, they just reuse the existing
> >username/password in memory.
> 
> I've never tried this but doesn't sending two 401s in a row for the same
> document have the auth popup appear again ?

yeah, except that clicking 'cancel' causes the browser to send the cached
credentials.  at least, that was my experience last I tried.

Reply via email to