NEWPASSWORDC (JANUS DEFINE parameter): Difference between revisions
mNo edit summary |
(Automatically generated page update) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
<span class="pageSubtitle">Send 'unauthorized' response on pwd change</span> | |||
<span class="pageSubtitle" | |||
<var>NEWPASSWORDC</var> is a parameter on [[JANUS DEFINE]], which defines and sets characteristics of a Janus port | <var>NEWPASSWORDC</var> is a parameter on <var>[[JANUS DEFINE]]</var>, which defines and sets characteristics of a Janus port. | ||
This parameter prevents | This parameter prevents <var class="product">[[Janus Web Server]]</var> from immediately sending an "Unauthorized" response to a browser after a password change. | ||
<var class="product">Janus Web Server</var> sends an "Unauthorized" response to a browser whenever the user changes his or her password either by specifying <var class="term">oldpassword:newpassword</var> for the password in a logon pop-up window or with a NEWPASSF/NEWPASSF2 form. This causes a logon pop-up window to appear on the user's workstation, allowing the use to tell the browser what the new password is (there is no way for a server to tell a browser that the user has just changed his or her password). | |||
While having a logon pop-up window appear immediately after a password change might be confusing to end-users, it is probably less confusing than the same window appearing some time later. In certain cases, such as a page with multiple embedded password protected images, the end-user might even receive multiple logon pop-up windows because of a password change, if an immediate "Unauthorized" is not sent after a password change. | While having a logon pop-up window appear immediately after a password change might be confusing to end-users, it is probably less confusing than the same window appearing some time later. In certain cases, such as a page with multiple embedded password protected images, the end-user might even receive multiple logon pop-up windows because of a password change, if an immediate "Unauthorized" is not sent after a password change. |
Latest revision as of 22:21, 16 April 2013
Send 'unauthorized' response on pwd change
NEWPASSWORDC is a parameter on JANUS DEFINE, which defines and sets characteristics of a Janus port.
This parameter prevents Janus Web Server from immediately sending an "Unauthorized" response to a browser after a password change.
Janus Web Server sends an "Unauthorized" response to a browser whenever the user changes his or her password either by specifying oldpassword:newpassword for the password in a logon pop-up window or with a NEWPASSF/NEWPASSF2 form. This causes a logon pop-up window to appear on the user's workstation, allowing the use to tell the browser what the new password is (there is no way for a server to tell a browser that the user has just changed his or her password).
While having a logon pop-up window appear immediately after a password change might be confusing to end-users, it is probably less confusing than the same window appearing some time later. In certain cases, such as a page with multiple embedded password protected images, the end-user might even receive multiple logon pop-up windows because of a password change, if an immediate "Unauthorized" is not sent after a password change.
If, in spite of all these advantages, an immediate "Unauthorized" after a password change is not desirable, the NEWPASSWORDC (NEW PASSWORD Continue) can be specified on the port definition.
The presence or absence of the NEWPASSWORDC parameter is irrelevant if there is a JANUS WEB ON NEWPASSWORD
rule for the port.
Valid only for WEBSERV ports.