On 1/24/06, info. raa <info@xxxxxxxxxx> wrote: > Thanks for the reply. > It is really a security measure, since i'm developing an erp with mysql. > Do you know how it is done? I dont want to bookmark any pages or so. > Your last solution works right away. Thanks. Why shouldn't they be able to bookmark pages? I hate web apps that force things like that on me. At worst, you should just use a session id in the url and redirect to an intro page if the session is expired. > Can i ask some other thing? > Is there anyway to prevent the same user/password to be accepted by the > server. Or one setup of user/password can be use like for 10 people or > so? Using HTTP Basic auth? No. There are no such controls in apache. You'd need to monitor the logs and lock out abused accounts. If you are rolling your own sessions (using cookies of some kind), then it is up to your application to track this. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|