Noah Kantrowitz kirjoitti: > > On Oct 6, 2006, at 1:39 AM, Jani Tiainen wrote: > >> Akshay Guleria kirjoitti: >>> Hi, >>> >>> I use pam auth module to authenticate trac users. I want that the >>> login >>> stays forever (1 year and above). trac seems to set the cookie >>> that has >>> long expiry date but still i am prompted for username and password >>> each >>> time i access the portal's login link. Can you help me get some >>> pointers on this. Any help is appreciated. >> Trac doesn't use cookies for authentication. Default setup (and seems >> that you have done that too) requires browser to send credentials. > > Not quite sure what you mean by this. Cookies never have anything to > do with authentication on anything. Cookies are used for session > persistence in most webapps (including Trac). I would say to check > that your browser is accepting cookies from the Trac site. The > FireFox web developer toolbar is helpful with this.
Yes they do. Authentication is a concept. Not a single mechanism. And cookie is one possibility (see below). Username - password pair is one form of authentication. Certificate challenge, kerberos challenge. RSA keys, encryption keys, public private keys... All authentication methods, very different still can be used as authentication methods. Some webapps use store authentication information (username,password, sessionkey etc.) in cookie. That's why apps have "remember me" checkbox or equivalent (eg. almost forum apps does). It remembers you over web browser session and saves you typing your login information everytime again and again. In this case if you have correct cookie, you are authenticated. Right? Isn't that authentication then? Your first time authentication method might be different, like in this case it might have been username - password combination. ... and to continue with cookies, there is actually two types of cookies: session cookies and persistent cookies. Session cookies are temporary, deleted after session is over (browser closed) and usually don't contain application spesific information instead of identifying information. Persistent cookies are permaent, kept over sessions and usually contain identifying information, maybe some settings etc. that application want to keep up. Long lecture, hope that this clarified thingies.. -- Jani Tiainen --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/trac-users -~----------~----~----~----~------~----~------~--~---
