[ZDP] BackTalk to Document The Zope Book (2.5 Edition)/Using Zope

webmaster@zope.org webmaster@zope.org
Mon, 25 Nov 2002 07:29:18 -0500 

A comment to the paragraph below was recently added via http://www.zope.org/Documentation/Books/ZopeBook/current/UsingZope.stx#2-43

---------------

    To logout select *Logout* from the top frame of the management
    interface and cancel the new login. You should see a message
    telling you that you are logged out. If you try to access the Zope
    management interface after you are logged out, you'll be prompted
    to log in again.  You can also logout of Zope by quitting your
    web browser.

      % Anonymous User - Apr. 23, 2002 1:50 am:
       If you press reload button of the browser, you will find yourself still remain logged in... Is this the same
       to all of you?

      % Anonymous User - Apr. 26, 2002 4:02 pm:
       I am getting logged out properly using IE 5 for the mac

      % Anonymous User - May 9, 2002 6:05 pm:
       I'm still logged in if i press reaload or back button.
       Using konqueror.

      % Anonymous User - May 14, 2002 7:47 am:
       For me it's the same (ie6).

       But: as it was written in an erlier version of this book "to change your login [or log out properly -
       anonymous user = me:)] you must completely exit all instances of your web browser, and then restart your
       browser and login with the new authentification information. [...]since most browsers cache
       authentification."

      % kaleissin - May 16, 2002 1:19 pm:
       This is because it is not a cookie-login, but the same kind of login you get with ssl and friends. Kinda
       annoying if you want to test a weaker-than-Manager user: 1) login as user, test, 2) kill all browser windows,
       open new browser, 3) login as powerful-as-a-Manager user, change security-settings and roles on weak user, 4)
       kill all browser windows, open new browser, go to 1)...

      % Anonymous User - May 24, 2002 10:48 am:
       Fortunately, galeon allows you to kill it, and restore all 
       instances where they were when it was killed, reprompting 
       for a new user and password, making (2) and (4) above 
       rather painless.  :)

      % Anonymous User - Nov. 25, 2002 7:29 am:
       Some of us just use more than one browser to test with - check security and cross-browser compatability in
       one easy step... (athough I must say, Galeon is one of the best browsers I've used for a while)
       Is there a way to logout via a dtml method or python script? I need to be able to log users out, without
       having to (a) close browsers or (b) use the ZMI. A method containing <dtml-call
       expr="AUTHENTICATED_USER.logout()"> doesn't work. I know browsers cache authentication, but I can log out of
       other session-based secure areas on other sites, so I don't see why Zope can't, in theory, do it.