WWW_AUTHINFO_DISABLE
Platforms
Unix, Windows (obsolete in 16.5 and later)
Abstract
A Boolean value which can be set to 1 to disable the IP address verification function of the web archive interface ('wa'), or 0 to re-enable the function.
Example
z/VM: |
<not available> |
Unix: |
WWW_AUTHINFO_DISABLE=0 export WWW_AUTHINFO_DISABLE |
Windows: |
WWW_AUTHINFO_DISABLE=0 |
Details
The default setting allows you to bypass certain proxy problems that prevent the 'wa' interface from working properly. There is a certain minimum security exposure involved in that someone with a good memory can watch you using 'wa', memorize the URL, and then type it into another browser and use your login ticket. The ticket will still expire but until then the "thief" has full reign on your list. If the minimum security exposure noted above is unacceptable, this variable can be set to 0 (i.e., enable the authorization).
This setting is obsoleted (and can be safely left set to the default) in LISTSERV 16.5 and later if one-time passwords are enabled for the web interface (which is the default). See also WA_USER_INSECURE_COOKIE and WA_ONETIME_PW_ROAMING as well as What's New in LISTSERV 16.5 for more information.
Default Value
1