Hi, that solves my problems! There is no loop when wrong login parameters are used. Thanks a lot!
Can this mechanism be used to enforce a logout? My web site should have a "logout/new login" link. When this link is activated, the browser should ask for new login credentials. Heiko > The previous fix was not yet OK since it never forced a new nonce. > The change below should be safer since a new nonce is forced after > its lifetime expired. I hope I understood the "stale" parameter > correctly now. > [...] -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be