2009/9/7 Jos Chrispijn <apache@xxxxxxxxx>: > Is there a way of forcing webbrowser to present a login popup every time > they enter a protected URL? Now I login once and until I delete my > cookies, I can go to the URL without having a username and password > filled out, even not having the 'remember password' option active. If your server replies with HTTP 401 to a request made with credentials, the browser will drop the HTTP Auth session and re-prompt. However, since you can't distinguish between the previous and the next request by the client after the prompt, you'll trap into a problem (not to mention implementing something like that). Conclusion: You'll need your own module with some sort of session database attached to save the state user x HTTP 401, allow one request with credentials for that username, HTTP 401, allow one request with credentials for that username, HTTP 401.... Bob --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|