[Zope] Revoking authentication (or: logging out)?
Service Informatique CHSR
chsrinfo@guetali.fr
Thu, 17 Jun 1999 09:53:28 +0400
>>>> Anthony Baxter wrote
>>
>> If you use the "unsupported" UserDB system, you can store the auth info
>> in cookies, instead of basic auth. You can then do a 'logout' by calling
>> acl_users/docLogout.
>>
>> (or even modify the UserDB code to add an expiry date to the cookie)
>
>oops, almost forgot - we're using this here, and I've had _some_ reports
>that IE won't properly expire the cookie
I ran into this
The problem is with IE 3.x
The solution is to strip out the maxage attribute in the SetCookie.
Don't know why, but with maxage, IE 3.x fails to expire the cookie.
NS 3.x, 4.x, IE 4.x all expire the cookie, even if maxage is not specified.
Regards,
Jephte CLAIN
Service Informatique CHSR