Alex Cordero writes: Please stay on the mailing list (readded).
... CookieCrumbler unable to log out ... How can I know what kind of authentication am I using? DTML method logged_out simply conrtrols if the curren user is Anonymous User by the call When you request a logout CookieCrumber expires the authentication cookie and redirects to "logged_out".
When you have been authenticated via the cookie (alone), then you will be "Anonymous User" when "logged_out" is visited. However, when your browser provides basic authentication information, then you are still authenticated by this information and "logged_out" sees that the user name is still not "Anonymous User". Therefore, it tells you that you are still authenticated and not yet logged out.
... If, so, How can I say to CookieCrumbler that I want to use real cookie authentication? Usually (this means in the default setup), CookieCrumber will only use cookie authentication (and then is able to log you out).
However, when you are authenticated by another user folder, e.g. one above that for CookieCrumber, then your browser may have gotten an "Unauthorized" response and has shown you a login dialog. Your browser can (and usually will) send this login information with any request to the Zope site. When it does, CookieCrumber is no longer able to log you out. An "Unauthorized" response is also send to the browser in some exceptional error situations. You get a browser login dialog and when you successfully provide login information, then you are authenticated with HTTP authentication and CookieCrumbler can no longer log you out. This is probably a bug. But it occurs only rarely and is probably not your problem. Some browsers allow you to save login information accross sessions. Such browsers may automatically authenticate you without being asked for it. In these cases, you are authenticated via HTTP authentication and CookieCrumber cannot log you out. Dieter