[Zope] Logging a User Out

[Jens Vagelpohl]

you cannot clear out basic HTTP auth information from a browser without 
telling the browser that the user is unauthorized, which will then make 
the browser pop up a username/password box. that's simple HTTP 
authentication and has not much to do with zope itself.

use a user folder that supports cookie authentication. that's the only 
way you can achieve your goal.

jens


On Friday, Mar 7, 2003, at 13:39 US/Eastern, Edward Pollard wrote:

> I'm up to my elbows in ripping apart the ZMI to find the code, and its
> another basic idea, so I thought I'd throw it out to the list.
>
> How can I programatically (Python/Page Templates) clear the login
> information from the browser? That is - log someone out.
>
> Setting up the permisions with the LDAP users was straightforward, but
> at the moment all I can do is detect the lack of permissions and say
> "Access Unauthorized". The only way to switch users is to open a new
> browser. This, of course, is immature and - if you'll excuse the
> colloquialism - sucks hard. So I'd like to offer a button that says 
> "Log
> me out".
>
> Amusingly, the Security chapter of The Zope Book does not seem to cover
> this. Maybe it shouldn't and I'm just easily amused.
>
> Thanks,
>
> Ed