(keitai-l) HTTP authentication caching

From: Kyle Barrow <kyle_at_pukupi.com>
Date: 11/02/05
Message-Id: <B5497C5B-D114-4C46-AB07-1AF3103D8239@pukupi.com>
I have some mobile server admin tools tucked away on SSL server  
which, for simplicity, uses HTTP authentication.

In the (distant) past, mobiles I tested for HTTP authentication  
support have requested authentication on each session but with  
Vodafone's 903T, authentication is cached for some period of time  
(12hr?) or until the mobile is switched off, creating something of a  
security issue if the mobile was ever lost.

With my test mobiles in another office, I'm suspect other recent  
mobile browsers do the same and am wondering if anyone can confirm this?

I have setup a simple authentication test at http://pukupi.com with  
the following access details if you would like to test your mobile:

user: test
password: ajt0ajt0

Cheers

Kyle

-- 

mobile web gear | pukupi.com | 34°40'n 135°30'e
Received on Wed Nov 2 07:07:40 2005