How to logout users when using LoginManager?
I've searched the zope website for tips on how to truly logout users, but I can't find any information. I'm using LoginManager, with GenericUserFolder. I see mention of cookie auth methods, but I have no idea how to use this. So, I'm using basic auth (I assume). Can anyone share some tips on how to logout users from a web page, using cookies or otherwise, allowing them to relogin as another user without having to quit/start their browser? Thanks.. Brad Clements, bkc@murkworks.com (315)268-1000 http://www.murkworks.com (315)268-9812 Fax netmeeting: ils://ils.murkworks.com AOL-IM: BKClements
Brad Clements wrote:
Can anyone share some tips on how to logout users from a web page, using cookies or otherwise, allowing them to relogin as another user without having to quit/start their browser?
Well, with cookies, it's simple: delete the cookie. I think most fo the Login-type stuff has interfaces to do this for you (like the logout link on zope.org) With Basic Auth it's a bit tricky. Basic Auth really only works 'cos browsers cache your username and password and send it each time you request a new page that it thinks those details apply to. So you just have to persuade the browser to stop cachign that info ;-) I think you can do something like: <dtml-raise Unauthorized> which works on most of the browsers around. I don't know though, maybe I got the syntax wrong :S cheers, Chris
On Wed, 30 Aug 2000, Chris Withers wrote:
Brad Clements wrote:
Can anyone share some tips on how to logout users from a web page, using cookies or otherwise, allowing them to relogin as another user without having to quit/start their browser?
Well, with cookies, it's simple: delete the cookie.
You cannot just delete the cookie 'cuase Zope is server, but cookies are on client side. You are to send "delete" command to browser, but there is no "delete cookie" command in cookie protocol :( You have to expire the cookie to really delete it from the browser. Oleg. ---- Oleg Broytmann http://phd.pp.ru/ phd@phd.pp.ru Programmers don't die, they just GOSUB without RETURN.
participants (3)
-
Brad Clements -
Chris Withers -
Oleg Broytmann