OWS, PL/SQL Cartridges & Username/Passwords
Date: Mon, 26 Jul 1999 16:51:28 +0100
Message-ID: <379C8400.57B60BB_at_koft.com>
A question regarding Oracle Web Server and its interaction with pages [Quoted] requiring authentication...
When a page requires authentication, something is sent back in the HTTP (presumably) to get the browser to prompt for a username & password. The problem is that this is then cached and never requested again unless
the browser is restarted.
Is there anyway to effect a 'log-off' so that a re-authentication can be
made?
There seems to be a security problem otherwise in that a different user
can
use the same browser session to access someone else's data. Also, the
page history is maintained so that a new user can jump directly into
another
person's session.
Is there no option for using cookies and providing a true log-out style mechanism?
What approach has anyone else taken for prompting for usernames and passwords?
Please e-mail me back at: karl_at_koft.com.
Many thanks for your help.
Karl Received on Mon Jul 26 1999 - 17:51:28 CEST