thanks Ben,

I think I found the problem, after I authenticate and then save a page as
a bookmark, the url saved shows up along the lines of:
http://vogon.agric.nsw.gov.au:2306/cgi-
bin/wa?LCMD&X=*5AA9623952F67DEC48&[log in to unmask]
au

Wouldnt this be passing whatever was after wa to the wa script as
arguements? If that is so, then it is passing what are considered to be
valid arguements to let me access what ever  page that URL bookmark
points to, regardless of cookies or caches or whatever.

I did the resetcookie arguement as you have suggested and the
bookmark still works fine.. again I think it is because it is passing valid
arguements to wa.

Is there some way of controlling this? I can send you the url for the wa
interface here in private mail if I am on the wrong track here.

lsvadmin

On 16 Dec 99, at 18:07, Ben Parker wrote:

> On Fri, 17 Dec 1999 11:03:51 +1100, lsvadmin <[log in to unmask]> wrote:
>
> >no, I didnt save it as a cookie, and to ensure that I was not mistaken I
> >got another admin here to login and repeat the bookmark problem,
> >ensuring that they didnt select the <save passwd as cookie> button and
> >I still get the same problem.
>
> Belive me, this was extensively tested during development.  There IS a cookie
> set or you couldn't do this.  If you want to send me the URL you are using
> privately we'll investigate.
>
> Go to the URL  http://hostname/cgi-bin/wa?RESET-COOKIE
>
> (use your hostname, and cgi directory name if different than above)
>
> Then try going to the URL of the List Mgmt page directly.  You should be forced
> to login.
>
> If it still works then try again from a different computer.
> And send us the fragment from the LISTSERV log file for this time frame showing
> exactly what userID was actually logged in.
>