if there was a means by which i could strip out the Authorization header in the client request, this would force a 401 response from the server which would also satisfy my specific need.
is there a means by which i can manipulate an incoming request header from the client? On Sat, 29 Mar 2003, Thomas Klausner wrote: > Hi! > > On Fri, Mar 28, 2003 at 02:27:29PM -0500, Todd White wrote: > > i'm seeking a means by which i can allow my web users to "logoff" after > > authenticating for access to restricted web space. i realize that users > > can just close their browser, but i'm seeking a solution that allows the > > browser to remain open. essentially, i want a button that a user can > > click that causes the web browser to drop the credentials for the realm. > > AFAIK, something like "logoff" is impossible with BASIC Auth (which AuthDBI > uses). > > Take a look at Apache::AuthCookie, which implements its own Authentication > scheme and allows "logoff". > > Or take a look at Recipie 13.7 in the mod_perl Developers Cookbook. > > -- > #!/usr/bin/perl http://domm.zsi.at > for(ref bless{},just'another'perl'hacker){s-:+-$"-g&&print$_.$/} >
