Hi,
Thank you for your quick replay. I am using CookieCrumbler product which does cookie based authentication. The product modify the client request and server response but when user want to log out it calling the "manage_zmi_logout" functaion which pass basic authenticate in response header that's why it calling login window . I don't want to show any window and also i want to fully logout user from zope is any way to do that .

Thank and Regards,
vaibhi

On Wed, Sep 17, 2008 at 6:58 PM, Tino Wildenhain <tino@wildenhain.de> wrote:

vaibhav pol wrote:

Dear all,
I create logout page in my site when user want to logout it will submit the page of page submit i called "manage_zmi_logout" function . which promt me for again login user name password window i want redirect user to login page but if redirect whiout calling "manage_zmi_logout" function user not actualy logout from zope is any other way to kill user session please tell me.

Is there a question somewhere?

Looks like you are trying to log out a "basic auth". This is not
really possible - the protocol has nothing to support it.
What zope does is using a dirty trick - most browsers expire
sending the auth header when they get a 401 response (look up your
copy of rfc2616).

What you probably want is to use a cookie based authorization.

Did you already explore zope PAS?

Cheers
Tino