tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "G. Wade Johnson" <>
Subject Re: logout and login again
Date Thu, 15 May 2003 14:46:55 GMT
One surprise with the BASIC authentication is that the browser retains
the userid and password you enter until it is restarted.

When you invalidate the session, your server will rerequest the basic
authentication from the browser. The browser finds that it already has
a userid and password for this server/realm combination and sends it
without bothering the end user.

G. Wade

Werner van Mook wrote:
> Hi,
> I'm new to this list so forgive me if this questions has been asked
> before.
> (although I couldn't find it in the archives).
> I have a web app for which a user has to log in with a name and
> password.
> I give the users a way to logout by invalidating the current session.
> Now it should be possible to go back to the page where you have to log
> in and ask for the name and password.
> This will not work for me. My browser does not show a login window.
> It only shows it when I restart my browser.
> I use basic authentication with the standard tomcat memory realm.
> I hope I'm clear in my story.
> Can anybody point me in the right direction.
> Werner
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message