If you use the "unsupported" UserDB system, you can store the auth info in cookies, instead of basic auth. You can then do a 'logout' by calling acl_users/docLogout. (or even modify the UserDB code to add an expiry date to the cookie) Anthony
Jonathan Corbet wrote I'm working on a system to make medical records available via a web interface. It needs to make different levels of access available to different sorts of people (doctors, nurses, clerical staff) - a perfect match for Zope's roles.
But I've encountered one rub: the web browser will be running on PC's sitting in various spots in the clinic's offices: the doctor's office, work areas, even examination rooms. There will be a different person sitting down at it every few minutes. But, with "Basic" authentication, once the web browser has your username/password in its clutches, it never lets go.
We're dealing with medical records here, so it is a poor idea to leave a "logged in" browser sitting around in a public place. What I am looking for is a way to put in a "log out" option that stops short of killing and restarting the browser. Has anybody else figured out a way to do this?
Thanks,
jon
Jonathan Corbet, Eklektix, Inc. corbet@eklektix.com
_______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope
(For developer-specific issues, use the companion list, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )
-- Anthony Baxter <anthony@interlink.com.au> It's never too late to have a happy childhood.