Hi all, I have a very basic question regarding authentication on apache...I have in my httpd.conf a section like below : <Directory "/var/www/cgi-bin"> AuthType Basic AuthName "By Invitaion Only" AuthUserFile /etc/httpd/conf/passwd/passwords Require valid-user AllowOverride None Options ExecCGI Order allow,deny Allow from all </Directory> So whenever a browser first sends a cgi-bin request, authentication is done by userid and password...Whenever subsequent requests come for cgi-bin, authentication is not required provided the browser has not been closed. How is this done ? I know that this is not a problem but I would like to know just for my information. Thanx Anand --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx