[ previous ] [ next ] [ threads ]
 
 From:  Mykel <Mykel at mWare dot ca>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] feature request
 Date:  Fri, 10 Dec 2004 21:20:46 -0500
>>You could change the authentication realm... This has been a suggested 
>>in more than a few PHP books. It's a hack, it's not too inelegant (sp?) 
>>and it works.
>>    
>>
>
>I've seen it used in combination with a pseudo-dir that holds a
>"session".
>
>1) You got to www.site.com and get redirectet to
>www.site.com/md5hash_of_something/
>2) www.site.com/md5hash_of_something/ requieres http_auth with a
>slightly different realm (something with adding extra spaces in the
>string to avoid to much noise in the popup of the user)
>3) When you log out og timeout, the "md5hash_of_something" is also
>thrown away on the server, 
>4) Accessing www.site.com/md5hash_of_something/ after session is closed
>sends the user back to 1) for a new session.
>
Right - but why mess with md5'd pathes? I don't see the purpose, let 
alone an advantage... Are you concerned about caching?

Myke