You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Jonas Nordström <Jo...@ei.sigma.se> on 2000/06/14 14:38:14 UTC

unauthentication

We have implemented an intranet gateway in mod-perl, where external clients
are authenticated against our NT-domain, that works fine.
I want to add the possibility to "log-out", ie, to "de-authenticate" the
user, so that the next time he tries to access the gateway, he will be
prompted to convey username/password.
Is that possible? Is it enough to respond with a "401"-page?

/Jonas

Re: unauthentication

Posted by "Erich L. Markert" <em...@pace.edu>.

Unless you use a solution like Apache::AuthCookie, TicketAccess, etc.
(where you issue an authorization ticket) inconjunction with your
NT-domain then the answer to your question is no.  The only way to
reliably logout someone is to have them shutdown their browser.  Reason
being is that authorization/authentication credentials are cached by the
browser - if you use one of the above solutions you can expire the
access ticket there by denying access.

Jonas Nordström wrote:
> 
> We have implemented an intranet gateway in mod-perl, where external clients
> are authenticated against our NT-domain, that works fine.
> I want to add the possibility to "log-out", ie, to "de-authenticate" the
> user, so that the next time he tries to access the gateway, he will be
> prompted to convey username/password.
> Is that possible? Is it enough to respond with a "401"-page?
> 
> /Jonas

--
__________________________________________________________
Mr. Erich L. Markert                     emarkert@pace.edu
Computer Learning Center		 TEL (914)422-4328
Pace University
1 Martine Ave
White Plains, New York 10606-1932

Those who do not understand Unix are condemned to reinvent it, poorly.
                -- Henry Spencer