- From: <grahameg@kestral.com.au>
- Date: Thu, 24 Apr 1997 15:49:45 +0800
- To: www-talk@w3.org
Is there anyway for a server to clear the authentication field carried in the HTTP header? We wish to time the authentications out, but returning an HTTP 401 Authorisation failed merely resuts on the browser giving the user the opportunity to change their password. If they don't, the browsers re-usethe old password Is there anyway to stop them from doing this? Thanks, Grahame
Received on Thursday, 24 April 1997 03:50:13 UTC