Hosting Provided By

Re: HTTP Authentication & Source IP Address

From: Dorian Moore <lists(at)dorianmoore.com>
Date: Sat Nov 30 2002 - 10:55:50 EST

Hiya,

The main reason is that your user might be behind some form of proxy. subsequent requests from people on [for instance] AOL may come from different IP address's due to the distribution of their proxy service. This would mean that your GET request for the main page could come from one IP address, then for subsequent components [be it parts of that page, or other pages] could come from a different IP address, thus invalidating your session ID.

There are other reasons, but that's a good enough one.

_d._

on 30/11/02 1:13 pm the person going by the name James Wilkinson at james.wilkinson@jwit.co.uk spake :

> Hi,
>
> In the recent discussion on HTTP Authentification, it was said (by Bob Lee)
Received on Sat Nov 30 12:15:43 2002

This message: [ Message body ]
Next message: Matt Petteys: "RE: HTTP Authentication & Source IP Address"
In reply to James Wilkinson: "Re: HTTP Authentication & Source IP Address"
Next in thread: Matt Petteys: "RE: HTTP Authentication & Source IP Address"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:44 EDT