On Fri, 2004-08-27 at 09:25 +0200, Henrik Nordstrom wrote: > On Fri, 27 Aug 2004, Shu Ung wrote: > > > Thanks Henrik. The problem was to do with yet another misconfiguaration on my > > part. I have my authenticate_ttl set to 0 for testing purposes and have > > forgotten to also set my external_acl ttl to 0 which has default of 1 hour - > > I have an external acl which does quota checking. > > > > It is all working okay now except that my browser keeps prompting me to > > re-enter the password each time the digest helper program got called up. > > This should not happen, but then setting authenticate_ttl to 0 is very > aggressive and many things have not been tested with this setting. > > And please keep discussion on the mailinglist thanks!
IIRC this will flush the user cache continuously, which will flush all the digest nonces... and that leads to a failed auth (invalid nonce) on the next attempt. In this case, I think its a browser bug - the browser should note that a new nonce was mandated in the error's headers and try again with that nonce before prompting the user. Rob
signature.asc
Description: This is a digitally signed message part
