>> I need to figure out some way of invalidating the LDAP >> cache so that the user is then prompted for their new >> password > I don't think there's currently any way to do this, but it > sounds like a useful feature if you want to open an enhancement > request. I suspect a directive could be added that invalidated > the cached stuff for the currently logged in user, and you'd > wrap it in a Directory/Location container that would trigger > when the passwd-changing URL was accessed Well, I figured out a work-around for now. In my PHP code, if the LDAP bind fails, I'm sending back the same "401/Unauthorized" headers that mod_ldap would send if the password didn't match the cache, which causes the browser to prompt for the update login name and password. This seems to work well for me. But, it may be worth noting that mod_ldap ought to allow the cache to be cleared somehow, or at least for me to be able to tell mod_ldap to not cache credential information for a particular <VirtualHost>, <Location> or <Directory>, rather than having the cache settings be server-wide only. Tim Gustafson Baskin School of Engineering UC Santa Cruz tjg@xxxxxxxxxxxx 831-459-5354 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|