|
||||||||
>>You could change the authentication realm... This has been a suggested >>in more than a few PHP books. It's a hack, it's not too inelegant (sp?) >>and it works. >> >> > >I've seen it used in combination with a pseudo-dir that holds a >"session". > >1) You got to www.site.com and get redirectet to >www.site.com/md5hash_of_something/ >2) www.site.com/md5hash_of_something/ requieres http_auth with a >slightly different realm (something with adding extra spaces in the >string to avoid to much noise in the popup of the user) >3) When you log out og timeout, the "md5hash_of_something" is also >thrown away on the server, >4) Accessing www.site.com/md5hash_of_something/ after session is closed >sends the user back to 1) for a new session. > Right - but why mess with md5'd pathes? I don't see the purpose, let alone an advantage... Are you concerned about caching? Myke |