Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Force SSL to reauthenticate

Posted on 2006-07-14
2
Medium Priority
?
272 Views
Last Modified: 2012-05-05
Using Apache 2.0.46 and PHP 4.4.1.  I've set up an administrative section to my site secured with SSL and .htaccess-style text files.  Part of the administrative section is the ability to manage the local employees, including adding/removing and changing passwords.  There are certain points at which I will rewrite the entirety of the text file to 'reconcile' my table-based employee list and the web server's access list.  My concern now is forcing an SSL reset on any existing sessions.

I've tried destroying the sessions, and that does not seem to work.  I get a new session id, etc., but my SSL login is maintained.  Is there any way to forcibly reset the SSL logins globally, and trigger this reset from PHP, HTTP headers, or similar manner?  Obviously, this needs to be solely server-side...the most the end user should see is the new login dialog box.
0
Comment
Question by:Steve Bink
2 Comments
 
LVL 51

Author Comment

by:Steve Bink
ID: 17113121
For reference, I found this in a PAQ:

http://support.microsoft.com/kb/q195192/

This details how to create an ActiveX control to do just what I need.  The problem is, however, that I'm using Linux and Apache, with Firefox on the client side.  This IS an intranet environment, though, so if this method will work I will readily accept it as a solution.  Can anyone provide an example of how to implement this solution?
0
 
LVL 1

Accepted Solution

by:
GhostMod earned 0 total points
ID: 17184828
Closed, 125 points refunded.

GhostMod
Community Support Moderator
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
The first step to building an amazing About page is to figure out what you want the page to say about your company. You then must grab the attention of the reader, boast a bit, tell a story and let others brag about you. With a little bit of thought…
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Suggested Courses

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question