注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

mylotustips的博客

IBM Lotus协作产品家族经验分享

 
 
 

日志

 
 
关于我

欢迎大家使用SR向IBM800提交问题http://www.ibm.com/support/servicerequest 可以随时查看问题状态,上传文件

网易考拉推荐

为何HTTP Password 修改后新老密码均可使用  

2012-02-03 20:27:31|  分类: iNotes |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
管理员反映 HTTP Password 修改后新老密码均可使用,对应的问题报告编号为SPR #HSPR7CX73U
标题为:Old password doesn't get inactive immediately after changing DWA password
 
开发团队认为这种行为是符合设计的:

When Web users change their Internet passwords, the Domino HTTP server remembers the new Internet password in its cache, as well as the old password. Caching is useful because it can take some time for the password change to take effect, as the change must be processed by the Domino administration server and replicated throughout the Domino environment. Password caching allows the HTTP server to immediately recognize the user's new Internet password and accept it for login, even though the password change information may not be finished replicating in the Domino environment. Prior to Domino 6.0.3, password change caching was available only for single session authentication. Password changes can now be cached when the HTTP server is configured for SSO. The referenced tech note is incorrect (I have submitted a request to have the tech note updated to say that this feature was implemented for SSO users in 6.0.3).

Without password caching, then the user can only login by supplying the password that can be verified against the password information found by the server in the Domino Directory. The server Notes.ini parameter HTTP_PWD_CHANGE_CACHE_HOURS can be configured to be 0 to avoid password caching. If there is no password caching, the user cannot know for sure whether the server's directory in the environment has the password update. In the case where the Domino directory replica has not yet been updated, the user cannot use the new password and must continue to use the old password.

 
Domino 提供了 HTTP 密码缓存功能并非产品缺陷。在 HTTP 任务未重启的前提下,48 小时内再次登录时新老密码均有效。
目的是为了 Domino 目录完全同步之前,即使新密码还未来得及复制到其他服务器上,用户还能够使用旧密码登录其他 Web 服务器,
 
如果希望禁用HTTP密码缓存功能,可以在 notes.ini 中添加以下参数并重启服务器:
HTTP_PWD_CHANGE_CACHE_HOURS=0


如果要立即清理HTTP密码缓存,可以在控制台执行命令:
show nlcache reset


  评论这张
 
阅读(1126)| 评论(2)
推荐 转载

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2017