[Grok-dev] New sample app: LoginDemo

Brandon Craig Rhodes brandon at rhodesmill.org
Sun Dec 30 13:57:47 EST 2007


"Luciano Ramalho" <luciano at ramalho.org> writes:

> On Dec 30, 2007 11:48 AM, Sebastian Ware <sebastian at urbantalk.se> wrote:
>
>> Luciano, have you solved the use case where one is logged in as a
>> manager (through the grok admin interface) and wants to log out as
>> manager in order to properly log in as an orindary user...
>
> Hi Sebastian, I haven't solved that, but I haven't tried either.

I've seen two solutions over the years:

 (1) An ssh connection back to my own machine that port-forwards.

     This works because Firefox, at least, seems to consider - for
     example - localhost:8080 and localhost:8090 to be different
     servers that should not be given the same Basic Auth info (oddly
     enough, it *does* seem to give both "servers" the same cookies!).
     This is created with:

      $ ssh -N -L 8090:localhost:8080 localhost

     from my command line.  Typically I log on with my "admin" user to
     the 8080 port, and then have 8090 free to be another user.

 (2) Re-authenticate with a wrong username and password.

     Once you're logged into a site, like localhost:8080, as a
     particular user through Basic Auth, you can "unauthenticate" and
     make Firefox forget whose username and password you'd entered by
     entering a "username at password" prefix in the URL.  So if I've
     been acting as "admin" for a while and want to stop, I re-type
     the current URL as something like:

       http://foo:bar@localhost:8080/main

     and since there's really no "foo" or "bar" user, an
     authentication error comes up and I can hit "cancel" and am no
     longer logged in.  (At least, I seem to remember it working that
     way!)

I have been planning to do a little article on the whole subject of
authentication, including both of these hints, once we have the new
web site.

-- 
Brandon Craig Rhodes   brandon at rhodesmill.org   http://rhodesmill.org/brandon


More information about the Grok-dev mailing list