http://qs321.pair.com?node_id=206664

grizzlyguru has asked for the wisdom of the Perl Monks concerning the following question:

I have an application where the user must login via a general HTTP authentication in order to create an account. I would then like them to login again with the new HTTP authentication info they created. How do I reset the authentication w/o forcing the user to quit out of the browser and restart it?

Replies are listed 'Best First'.
Re: How do I reset http authentication w/o a browser shutdown?
by crazyinsomniac (Prior) on Oct 20, 2002 at 16:32 UTC
Re: How do I reset http authentication w/o a browser shutdown?
by Aristotle (Chancellor) on Oct 20, 2002 at 16:50 UTC

    Like crazyinsomniac said - send a status 401 and the browser will prompt the user for a password.

    Be aware that HTTP authentication basically sends a plaintext password. If it's not a HTTPS connection, your users' passwords are open for anyone who wants to pick them.

    Makeshifts last the longest.

Re: How do I reset http authentication w/o a browser shutdown?
by Arguile (Hermit) on Oct 20, 2002 at 18:05 UTC

    If they don't need to see the rest of the site with the general login, another option is to simply isolate the account creation section in a subdir (or authenticate based on filename) and have different authentication parameters for it.