tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <craig...@apache.org>
Subject Re: Logout with basic autorization
Date Thu, 15 Nov 2001 01:53:24 GMT


On Wed, 14 Nov 2001, kevin ritter wrote:

> Date: Wed, 14 Nov 2001 18:41:01 -0600
> From: kevin ritter <kevin.ritter@jcafeinc.com>
> Reply-To: Tomcat Users List <tomcat-user@jakarta.apache.org>,
>      kevin ritter <kevin.ritter@jcafeinc.com>
> To: tomcat-user@jakarta.apache.org
> Subject: Re: Logout with basic autorization
>
> Can anyone one verify if this is really the case, that is, to logout with
> BASIC authentication you have to close the browser window? This seems to be
> a little goofy. Are there any work arounds?
>

As far as I know, this is correct.  The problem is that when you are using
BASIC authentication, the browser sends the credentials on every request,
and I don't know of any way to tell it to stop doing so.

If you use form-based login, invalidating the session is all that is
required to log the user off.

> Thank you in advance. Peace
> Kevin Ritter

Craig


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message