One can use in a servlet, or a JSP:
<excerpt>
   if ( session.getAttribute("logged_out") != null ){
     response.sendError(response.SC_UNAUTHORIZED, "Logout...");
     return;
   }
<end excerpt>

   Whenever you want your user logged out: set a session attribute called
"logged_out".

   On the main page do not check this attribute, but clear it.

   The user will be asked for the username and password again when the
browser receives Error 401 (SC_UNAUTHORIZED).
   Tradeoff: you have to check that everywhere in every JSP or servlet.

   Lachezar

> The problem is that with BASIC authentication the *browser* remembers the
> logon information and resends it whenever needed. Hence things like
> invalidating the session will not work, since the browser will simply log
> the user in again without their intervention.
>
> So far as I know, there is no solution to this problem. If you use BASIC
> authentication, the user has to shut down the browser to log off.
>
> If someone knows differently, I too would certainly love to hear the
> answer.
>
> Nick
>
>
>
> At 03:18 PM 6/13/01 -0400, you wrote:
> >is it too obvious to say:
> >
> >send out the pages w/ an expire time....
> >set the http session expiration to a desired interval to prevent use
> >after x minutes...create a logoff function that invalidates their session...
> >
> >is that too simplistic?
> >
> >regards,
> >Mike Conway
> >
> >cybermaster wrote:
> >
> > > <%
> > >         if (session != null) {
> > >                 session.invalidate();
> > >         }
> > >
> > > %>
> > >
> > >         --peter
> > >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]On Behalf Of Smith Jason
> > > Sent: Wednesday, June 13, 2001 6:38 AM
> > > To: Orion-Interest
> > > Subject: Force Logon after X minutes
> > >
> > > I am using custom user-authentication.
> > >
> > > The user and groups are in a database and I am using BASIC
> > > authentication.
> > >
> > > How can I allow users to logoff w/o them closing their browser?
> > >
> > > How can I force them to logon again after x minutes?
> > >
> > > Thxs,
> > >
> > > Jason
>
>
>
>
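The check from the top message, gathered into one servlet Filter so that it does not have to be repeated in every JSP or servlet, and extended to set the flag after an idle period. This is an added example, not code from the thread; the main-page path, realm name, idle limit and the `last_seen` attribute are assumptions, and the filter is assumed to be mapped to `/*` in web.xml.

```java
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;

// Added example: one Filter that applies the "logged_out" check to every request.
public class ForceReloginFilter implements Filter {
    static final String FLAG = "logged_out";          // attribute name used in the message above
    static final String LAST_SEEN = "last_seen";      // assumed attribute name
    static final String MAIN_PAGE = "/index.jsp";     // assumed path of the main page
    static final String REALM = "example-realm";      // assumed; use the realm-name from web.xml
    static final long MAX_IDLE_MS = 15 * 60 * 1000L;  // assumed value for "x minutes"

    public void init(FilterConfig config) {}
    public void destroy() {}

    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) rq;
        HttpServletResponse response = (HttpServletResponse) rs;
        HttpSession session = request.getSession(true);
        long now = System.currentTimeMillis();

        if (MAIN_PAGE.equals(request.getServletPath())) {
            // Main page: do not check the flag, clear it.
            session.removeAttribute(FLAG);
        } else {
            // Idle longer than the limit counts as a logout.
            Long lastSeen = (Long) session.getAttribute(LAST_SEEN);
            if (lastSeen != null && now - lastSeen.longValue() > MAX_IDLE_MS) {
                session.setAttribute(FLAG, Boolean.TRUE);
            }
            if (session.getAttribute(FLAG) != null) {
                // A 401 must carry a challenge header, otherwise the browser has nothing to prompt for.
                response.setHeader("WWW-Authenticate", "Basic realm=\"" + REALM + "\"");
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Logout...");
                return;
            }
        }
        // Request accepted: record the time and pass it on.
        session.setAttribute(LAST_SEEN, Long.valueOf(now));
        chain.doFilter(rq, rs);
    }
}
```

A logout link only has to call `session.setAttribute("logged_out", Boolean.TRUE)`; the filter then answers every page except the main page with 401 until the main page clears the flag.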


