On Wed, 14 Nov 2001, kevin ritter wrote:
> Date: Wed, 14 Nov 2001 18:41:01 -0600
> From: kevin ritter <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>,
> kevin ritter <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Logout with basic autorization
>
> Can anyone one verify if this is really the case, that is, to logout with
> BASIC authentication you have to close the browser window? This seems to be
> a little goofy. Are there any work arounds?
>
As far as I know, this is correct. The problem is that when you are using
BASIC authentication, the browser sends the credentials on every request,
and I don't know of any way to tell it to stop doing so.
If you use form-based login, invalidating the session is all that is
required to log the user off.
> Thank you in advance. Peace
> Kevin Ritter
Craig
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
