Hi all,
You could change the realm using sec:set-realm, but that will effectively
logout everyone. You can also tell IE to rechallenge the user by sending a 401
with a WWW-Authenticate header, but the tricky thing is to recognize when to
stop doing that. The following code seems to work more or less in IE (8), but
unfortunately FF seems to keep all previous logins into his temporary cache,
and simply picks the following one without rechallenging the user..
xquery version "1.0-ml";
declare variable $user := xdmp:get-current-user();
declare variable $cmd := xdmp:get-request-field('cmd', 'login');
declare variable $msg := xdmp:get-request-field('msg');
xdmp:set-response-content-type("text/html"),
if ($cmd = 'logout') then (
let $last-user := xdmp:get-session-field("user")
return (
if ($last-user ne $user) then (
xdmp:set-session-field("user", $user),
xdmp:redirect-response(concat("login.xqy?msg=Goodbye,
", $last-user))
) else (
xdmp:set-session-field("user", $user),
xdmp:set-response-code(401, "Logout"),
xdmp:add-response-header("WWW-Authenticate", "Basic
realm='public'"),
<html>
<body>
<h1>Goodbye, {$user}</h1>
<p>You have succesfully logged out!</p>
<p><a href="login.xqy">login</a></p>
</body>
</html>
)
)
) else (
<html>
<body>
<h1>{$msg} Welcome, {$user}</h1>
<p>You have succesfully logged in!</p>
<p><a href="login.xqy?cmd=logout">logout</a></p>
</body>
</html>
)
Kind regards,
Geert
>
drs. G.P.H. (Geert) Josten
Consultant
Daidalos BV
Hoekeindsehof 1-4
2665 JZ Bleiswijk
T +31 (0)10 850 1200
F +31 (0)10 850 1199
mailto:geert.jos...@daidalos.nl
http://www.daidalos.nl/
KvK 27164984
P Please consider the environment before printing this mail.
De informatie - verzonden in of met dit e-mailbericht - is afkomstig van
Daidalos BV en is uitsluitend bestemd voor de geadresseerde. Indien u dit
bericht onbedoeld hebt ontvangen, verzoeken wij u het te verwijderen. Aan dit
bericht kunnen geen rechten worden ontleend.
> From: general-boun...@developer.marklogic.com
> [mailto:general-boun...@developer.marklogic.com] On Behalf Of Nuno Job
> Sent: woensdag 10 maart 2010 23:19
> To: General Mark Logic Developer Discussion
> Cc: Danny Sokolsky
> Subject: Re: [MarkLogic Dev General] RE: logout from IE
>
> What about IE 6?
>
> Any solutions ?
>
> Nuno
>
>
> On Wed, Mar 10, 2010 at 7:10 PM, Sam Neth
> <sam.n...@marklogic.com> wrote:
>
>
> HTTP authentication is not cookie based, which is not
> to say that Microsoft wouldn't choose to call cached
> credentials "cookies", or lump clearing them into an option
> to clear cookies, but I'm fairly sure they don't. Here's an
> article that should help for IE8:
>
>
> http://blogs.msdn.com/askie/archive/2009/05/08/session-managem
> ent-within-internet-explorer-8-0.aspx
>
> I believe there are some activex hacks and things for
> doing this in previous versions.
>
>
> On Mar 10, 2010, at 10:29 AM, Eric Bloch wrote:
>
> > Fwiw, in IE8, if you use the developer tools you can
> do 'Cache->clear
> > session cookies'.
> >
> >
> > Eric
> >
> > _______________________________________________
> > General mailing list
> > General@developer.marklogic.com
> > http://xqzone.com/mailman/listinfo/general
>
> _______________________________________________
> General mailing list
> General@developer.marklogic.com
> http://xqzone.com/mailman/listinfo/general
>
>
>
>
_______________________________________________
General mailing list
General@developer.marklogic.com
http://xqzone.com/mailman/listinfo/general
