On Fri, 2004-08-27 at 09:25 +0200, Henrik Nordstrom wrote:
> On Fri, 27 Aug 2004, Shu Ung wrote:
>
> > Thanks Henrik. The problem was to do with yet another misconfiguaration on my
> > part. I have my authenticate_ttl set to 0 for testing purposes and have
> > forgotten to also set my external_acl ttl to 0 which has default of 1 hour -
> > I have an external acl which does quota checking.
> >
> > It is all working okay now except that my browser keeps prompting me to
> > re-enter the password each time the digest helper program got called up.
>
> This should not happen, but then setting authenticate_ttl to 0 is very
> aggressive and many things have not been tested with this setting.
>
> And please keep discussion on the mailinglist thanks!
IIRC this will flush the user cache continuously, which will flush all
the digest nonces... and that leads to a failed auth (invalid nonce) on
the next attempt.
In this case, I think its a browser bug - the browser should note that a
new nonce was mandated in the error's headers and try again with that
nonce before prompting the user.
Rob
This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:03 MDT