mod_radius, apache2 and the auth cookie.

Alan DeKok aland at
Tue Aug 2 17:28:19 CEST 2005

"Palmer J.D.F." <J.D.F.Palmer at> wrote:
> The gifs etc are located in an unprotected directory, surely this prevents
> from having to re-authenticate for each?


> A bit of a dig around reveals this from the Apache site, which implies that
> all browsers cache the credentials.

  Well, that's changed since I wrote the module.  It's irritating as
heck, too.

  The only solution is to take a hint from mod_securid, and put the
username & password on an auto-generated HTML page, where the browser
won't cache them.

  That would involve a complete re-write of the module, though.

  Alan DeKok.

More information about the Freeradius-Users mailing list