Re: Test-Case 004 failed for WLUS 1.2-25
* Petter Reinholdtsen (pere@hungry.com) [040421 19:52]:
> [Andreas Schuldei]
> > it is working as expected. Please search the mailinglist archives
> > for discussions on it beeing a pain in the A** to have to type in
> > the password every time, even after having authenticated
> > correctly to webmin in the beginning.
>
> Ah, so this was just the password caching in effect. Sounds good to
> me. This is the one partly saved on the client and partly saved on
> the server, and deleted after 5. minutes, right?
the client sees only a md5 hash computed over the data structure
and a secret random string. the real password and other
state-information is stored on the server and never tranmitted
over the net (besides the one time the user typed in the
password).
Reply to: