Swekey auth: token caching enabled by default

ChangeLog

@@ -6,15 +6,17 @@ $Id$
 $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $
 
 3.1.0.0 (not yet released)
++ [auth] Support for Swekey hardware authentication
 - bug #2046883 [core] Notices about deprecated dl() (so stop using it)
-+ BLOBstreaming support, thanks to Raj Kissu Rajandran (work in progress)
++ BLOBstreaming support, thanks to Raj Kissu Rajandran and
+  Google Summer of Code 2008
 + patch #2067462 [lang] link FAQ references in messages,
   thanks to Thijs Kinkhorst - kink
 + new setup script, thanks to Piotr Przybylski (work in progress)
 - rfe #1892243 [export] more links to documentation
 + [auth] cookie auth now autogenerates blowfish_secret, but it has some
   limitations and you still should set it in config file
-+ [auth] cookie authentication is now default
++ [auth] cookie authentication is now the default
 + [auth] do not allow root user without password unless explicitly enabled by
   AllowNoPasswordRoot
 + rfe #1778908 [auth] arbitrary server auth can now also accept port

contrib/swekey.sample.conf

@@ -20,6 +20,7 @@
 #
 # It is recommended to include the following lines to contact the
 # authentication servers in SSL mode.
+#
 
 SERVER_CHECK=https://auth-check-ssl.musbe.net
 SERVER_RNDTOKEN=https://auth-rnd-gen-ssl.musbe.net
@@ -37,9 +38,7 @@ SERVER_STATUS=https://auth-status-ssl.musbe.net
 #
 # If your server receives many login requests, you can enable the random 
 # token caching to accelerate the authentication process.
-# This is disabled by default because a cache file with full public access 
-# is vulnerable to a denial of service attack.
-# You can enable it when your server is running in a secure environment.   
+# Token caching is enabled by default.   
 #
 
-#ENABLE_TOKEN_CACHE=1
+#ENABLE_TOKEN_CACHE=0