Msg#: 3803865 posted 12:36 am on Dec 10, 2008 (gmt 0)
I am new to manipulating apache parameters on my hosted web site. I just established a passwd and userid for files within a directory.
After a user is correctly authorized and views file 1 - they would close that tab (I am using FF 3x) - and then they might go on and click on another link and view file 2. I had assumed initially that they would need re-authorization to view each file. But that is not the case.
FF does not show any cookies, session or otherwise for this site. The background is - a person clicks on a link from an html email and views the docs. Could the cookie be on the gmail's end and not on my web site's end.
Or does apache use another mechanmis. I need to be able to explain the process to users - so I need to understand what apache does.
Msg#: 3803865 posted 12:59 am on Dec 10, 2008 (gmt 0)
Once you use and set the environment variables for Apache's basic authentication mechanism it typically holds true until the browser is closed. You can read more about Authentication, Authorization and Access Control [httpd.apache.org] in the Apache online documentation.
Msg#: 3803865 posted 2:22 am on Dec 10, 2008 (gmt 0)
Thank you. Actually I had read this doc prior to setting up .htaccess - however, after reading it again now - I see that the AuthName is the key. From the doc -
So, for example, once a client has authenticated in the "Restricted Files" area, it will automatically retry the same password for any area on the same server that is marked with the "Restricted Files" Realm. Therefore, you can prevent a user from being prompted more than once for a password by letting multiple restricted areas share the same realm.