Apache Access Control: How to make Apache ask for username/pw again ?
This is a discussion on Apache Access Control: How to make Apache ask for username/pw again ? within the Windows Web Servers forums, part of the Web Server and Related Forums category; When using the Apache Access Control a pop-up window appares. After entering the username and password the first time ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-15-2004
|
|||
|
|||
Apache Access Control: How to make Apache ask for username/pw again ?
When using the Apache Access Control a pop-up window appares. After entering
the username and password the first time the user is never again asked to enter it. What if another user want to log on from the same terminal, how do I trigger Apache Server to ask for username again ? The only way I know of that will make apache ask for username again is to close down the browser and start it up again. But there has to be a better way to do this ? I have tried to clear the server variables PHP_AUTH_USER and PHP_AUTH_PW but the old values return as soon as the next script has started to execute. The clearing of the variables only last as long as the script responsible for the clearing is executing. |
|
11-16-2004
|
|||
|
|||
|
Re: Apache Access Control: How to make Apache ask for username/pw again ?
On Mon, 15 Nov 2004 16:52:53 +0100, "Magne Josefsen"
<magne.josefsen@dreng.no> wrote: >When using the Apache Access Control a pop-up window appares. After entering >the username and password the first time the user is never again asked to >enter it. > >What if another user want to log on from the same terminal, how do I trigger >Apache Server to ask for username again ? > >The only way I know of that will make apache ask for username again is to >close down the browser and start it up again. But there has to be a better > way to do this ? > >I have tried to clear the server variables PHP_AUTH_USER and PHP_AUTH_PW >but the old values return as soon as the next script has started to execute. >The clearing >of the variables only last as long as the script responsible for the >clearing is executing. Standard HTTP authentication has no explicit logoff function. The authentication is cleared when the browser program is stopped and started again. As far as i know there is not much you can do from the server side. Maybe you can force another username/password dialog by forcing the browser to address another "realm" on your site as result of the (first) user clicking some "logoff" hyperlink. Or to another virtual host on the same server. http://httpd.apache.org/docs-2.0/howto/auth.html says something about this, but i never tried this. Good luck with your experiments, -- ) Kees Nuyt ( c[_] |
Linear Mode
