This may be an old question, but I still don't understand what is happening. I have used almost every version of Zope from about 2.1.6 to 2.5.0 and in every case when I try to logout of the ZMI it just does not log me out. an extract from the Zope Book says... http://www.zope.org/Members/michel/ZB/UsingZope.dtml "To logout select Logout from the top frame of the management interface and cancel the new login. You should see a message telling you that you are logged out. If you try to access the Zope management interface after you are logged out, you'll be prompted to log in again. You can also logout of Zope by quitting your web browser." But this is not the case. When I select Logout from the top frame it does give me the new login dialog, but no matter what I choose from there on, I am still logged in and can browse and access all the zope objects. I just cant figure it out - the only method that logs me out is quitting all my browser window, which is a real pain. What am I doing wrong? Tom
Hi Tom. This is a generic problem with HTTP Basic Auth. 1) There is no real thing like "logout". 2) On every page your browser sends your authentication information (credentials) to the server if the server requests them. 3) You need to convince your browser not to do so anymore if you want to log out. Now we have some choices: - The browser could provide a function to cancel given HTTP Basic AUTH credentials - The browser could forget them on a new send AUTH request (some browsers do so i think) - The browser could forget them when you provide new credentials (this is what the most browsers do i think), which requires you to enter some invalid user data But at least the "logout" would be done if you close the browser. So whats the conclusion? Don't rely on HTTP Basic AUTH for logout, because it will break your neck if you don't watch. (Isn't that a thing for Zope 2.6??? We could think about cookie using standard userfolder with some nice login page and a fast "switch user" function or something like that ... Hope that helps. Christian On Fri, Mar 01, 2002 at 06:04:10PM +1000, Tom Cameron wrote:
This may be an old question, but I still don't understand what is happening.
I have used almost every version of Zope from about 2.1.6 to 2.5.0 and in every case when I try to logout of the ZMI it just does not log me out.
an extract from the Zope Book says...
http://www.zope.org/Members/michel/ZB/UsingZope.dtml "To logout select Logout from the top frame of the management interface and cancel the new login. You should see a message telling you that you are logged out. If you try to access the Zope management interface after you are logged out, you'll be prompted to log in again. You can also logout of Zope by quitting your web browser."
But this is not the case. When I select Logout from the top frame it does give me the new login dialog, but no matter what I choose from there on, I am still logged in and can browse and access all the zope objects.
I just cant figure it out - the only method that logs me out is quitting all my browser window, which is a real pain.
What am I doing wrong?
Tom
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
-- Christian Theune - ct@gocept.com gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981 reduce(lambda x,y:x+y,[chr(ord(x)^42) for x in 'zS^BED\nX_FOY\x0b'])
Tom Cameron writes:
I have used almost every version of Zope from about 2.1.6 to 2.5.0 and in every case when I try to logout of the ZMI it just does not log me out. Please look at the "dtml-raise" example of
<http://www.dieter.handshake.de/pyprojects/zope/book/chap3.html> It contains a better logout method than that integrated in Zope. It has been stolen from an idea on the mailing list... Dieter
participants (3)
-
Christian Theune -
Dieter Maurer -
Tom Cameron