NEWPASSWORDC (JANUS DEFINE parameter): Difference between revisions

From m204wiki
Jump to navigation Jump to search
mNo edit summary
(Automatically generated page update)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{DISPLAYTITLE:NEWPASSWORDC}}
<span class="pageSubtitle">Send 'unauthorized' response on pwd change</span>
<span class="pageSubtitle"><section begin="desc" />Send 'unauthorized' response on pwd change.<section end="desc" /></span>


<var>NEWPASSWORDC</var> is a parameter on [[JANUS DEFINE]], which defines and sets characteristics of a Janus port. See the [[JANUS DEFINE#parmlist|List of JANUS DEFINE parameters]].
<var>NEWPASSWORDC</var> is a parameter on <var>[[JANUS DEFINE]]</var>, which defines and sets characteristics of a Janus port.  


This parameter prevents ''[[Janus Web Server]]'' from immediately sending an "Unauthorized" response to a browser after a password change.  
This parameter prevents <var class="product">[[Janus Web Server]]</var> from immediately sending an "Unauthorized" response to a browser after a password change.  


''Janus Web Server'' sends an "Unauthorized" response to a browser whenever the user changes his or her password either by specifying oldpassword:newpassword for the password in a logon pop-up window or with a NEWPASSF/NEWPASSF2 form. This causes a logon pop-up window to appear on the user's workstation, allowing the use to tell the browser what the new password is (there is no way for a server to tell a browser that the user has just changed his or her password).  
<var class="product">Janus Web Server</var> sends an "Unauthorized" response to a browser whenever the user changes his or her password either by specifying <var class="term">oldpassword:newpassword</var> for the password in a logon pop-up window or with a NEWPASSF/NEWPASSF2 form. This causes a logon pop-up window to appear on the user's workstation, allowing the use to tell the browser what the new password is (there is no way for a server to tell a browser that the user has just changed his or her password).  


While having a logon pop-up window appear immediately after a password change might be confusing to end-users, it is probably less confusing than the same window appearing some time later. In certain cases, such as a page with multiple embedded password protected images, the end-user might even receive multiple logon pop-up windows because of a password change, if an immediate "Unauthorized" is not sent after a password change.  
While having a logon pop-up window appear immediately after a password change might be confusing to end-users, it is probably less confusing than the same window appearing some time later. In certain cases, such as a page with multiple embedded password protected images, the end-user might even receive multiple logon pop-up windows because of a password change, if an immediate "Unauthorized" is not sent after a password change.  

Latest revision as of 22:21, 16 April 2013

Send 'unauthorized' response on pwd change

NEWPASSWORDC is a parameter on JANUS DEFINE, which defines and sets characteristics of a Janus port.

This parameter prevents Janus Web Server from immediately sending an "Unauthorized" response to a browser after a password change.

Janus Web Server sends an "Unauthorized" response to a browser whenever the user changes his or her password either by specifying oldpassword:newpassword for the password in a logon pop-up window or with a NEWPASSF/NEWPASSF2 form. This causes a logon pop-up window to appear on the user's workstation, allowing the use to tell the browser what the new password is (there is no way for a server to tell a browser that the user has just changed his or her password).

While having a logon pop-up window appear immediately after a password change might be confusing to end-users, it is probably less confusing than the same window appearing some time later. In certain cases, such as a page with multiple embedded password protected images, the end-user might even receive multiple logon pop-up windows because of a password change, if an immediate "Unauthorized" is not sent after a password change.

If, in spite of all these advantages, an immediate "Unauthorized" after a password change is not desirable, the NEWPASSWORDC (NEW PASSWORD Continue) can be specified on the port definition.

The presence or absence of the NEWPASSWORDC parameter is irrelevant if there is a JANUS WEB ON NEWPASSWORD rule for the port.

Valid only for WEBSERV ports.

See also