[Zope-CMF] how to force logout when server closes??
Tres Seaver
tseaver@zope.com
06 Jul 2003 09:46:07 -0400
On Sat, 2003-07-05 at 11:46, robert wrote:
> I am using Plone (for CMF this te situation is probably the same).
> I would *think* that CookieCrumbler's cookies would expire automatically when
> closing all sessions.
The default CookieCrumbler cookies to expire when the browser session
ends. There is a way to override this: perhaps there is a Plone option
which turns this override on?
> However, when you login to the same portal with a new Browser, you are still
> logged in.
> So what I would like to do, is force a logout when closing the browser.
Several things:
- While logged in, use your browser's cookie inspection features
to verify the expiration of the auth cookie, which is named
'__ac'.
- Ensure that the browser is *really* closed (use 'killall mozilla',
or the three-fingered salute in Windows to ensure that the process
has really exited).
- Look for the presence in your skins of a method named
'setAuthCookie'. If it is present, then it is probably the culprit;
try removing it and see if the problem goes away.
Tres.
--
===============================================================
Tres Seaver tseaver@zope.com
Zope Corporation "Zope Dealers" http://www.zope.com