Solved

Force SSL to reauthenticate

Posted on 2006-07-14
2
263 Views
Last Modified: 2012-05-05
Using Apache 2.0.46 and PHP 4.4.1.  I've set up an administrative section to my site secured with SSL and .htaccess-style text files.  Part of the administrative section is the ability to manage the local employees, including adding/removing and changing passwords.  There are certain points at which I will rewrite the entirety of the text file to 'reconcile' my table-based employee list and the web server's access list.  My concern now is forcing an SSL reset on any existing sessions.

I've tried destroying the sessions, and that does not seem to work.  I get a new session id, etc., but my SSL login is maintained.  Is there any way to forcibly reset the SSL logins globally, and trigger this reset from PHP, HTTP headers, or similar manner?  Obviously, this needs to be solely server-side...the most the end user should see is the new login dialog box.
0
Comment
Question by:Steve Bink
2 Comments
 
LVL 50

Author Comment

by:Steve Bink
ID: 17113121
For reference, I found this in a PAQ:

http://support.microsoft.com/kb/q195192/

This details how to create an ActiveX control to do just what I need.  The problem is, however, that I'm using Linux and Apache, with Firefox on the client side.  This IS an intranet environment, though, so if this method will work I will readily accept it as a solution.  Can anyone provide an example of how to implement this solution?
0
 
LVL 1

Accepted Solution

by:
GhostMod earned 0 total points
ID: 17184828
Closed, 125 points refunded.

GhostMod
Community Support Moderator
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've been asked to discuss some of the UX activities that I'm using with my team. Here I will share some details about how we approach UX projects.
Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question