Hey all, I went to the Zope site at http://www.zope.org/logout.html/view_source and this is the source that the Zope site uses to log members out: <!--#call "REQUEST['RESPONSE'].expireCookie('__ac', path='/')"--> <!--#call "REQUEST['RESPONSE'].redirect('logged_out')"--> When I execute the same source on my site, I don't get any errors and the user is redirected to the the logged_out page, but they are not "de-authenticated". In other words, unlike the Zope site, they can hit the back button and continue on their merry way. Any thoughts? Dan
On Tue, 16 Nov 1999, Daniel G. Rusch wrote:
<!--#call "REQUEST['RESPONSE'].expireCookie('__ac', path='/')"-->
When I execute the same source on my site, I don't get any errors and the user is redirected to the the logged_out page, but they are not "de-authenticated". In other words, unlike the Zope site, they can hit the back button and continue on their merry way.
Logout, of course, is pretty tough coupled with login. Which login mechanism do you use? What is the anme of the cookie (if it is cookie-based)? Oleg. ---- Oleg Broytmann Foundation for Effective Policies phd@phd.russ.ru Programmers don't die, they just GOSUB without RETURN.
----- Original Message ----- From: Daniel G. Rusch <drusch@globalcrossing.com> To: <zope@zope.org> Sent: Tuesday, November 16, 1999 11:29 AM Subject: [Zope] Logout question
I went to the Zope site at http://www.zope.org/logout.html/view_source and this is the source that the Zope site uses to log members out:
<!--#call "REQUEST['RESPONSE'].expireCookie('__ac', path='/')"--> <!--#call "REQUEST['RESPONSE'].redirect('logged_out')"-->
When I execute the same source on my site, I don't get any errors and the user is redirected to the the logged_out page, but they are not "de-authenticated". In other words, unlike the Zope site, they can hit the back button and continue on their merry way.
Zope.org does not use the standard UserFolder. It uses a portion of the not-yet-released Portal Toolkit. If you look through the mail list archives, you will find some logout solutions, but they are not quite as clean and nice as the above. Note: if you use UserDB instead of the UserFolder for authentication, you can use cookies instead of Basic authentication... which means that you can make a logout function such as the one above. Kevin
participants (3)
-
Daniel G. Rusch -
Kevin Dangoor -
Oleg Broytmann