s/key authentication for Apache on FreeBSD?
Brett Glass
brett at lariat.org
Sat Dec 13 23:59:01 PST 2003
At 10:45 PM 12/13/2003, Matthew D. Fuller wrote:
>HTTP AUTH sends the user/pass strings with every request (more precisely,
>the browser caches what you put in, and sends it every time the server
>returns a 401 with the same realm name.)
I apologize; I wasn't being clear. My question was, does the Apache
server then send the user name and password on to the library that
is doing authentication every time? Or does it recognize that the
user and password (and/or IP) are the same as before and allow
subsequent hits?
--Brett
More information about the freebsd-security
mailing list