vaibhav4947 at gmail
Sep 17, 2008, 6:54 AM
Post #3 of 3
(816 views)
Permalink
|
Hi,
Thank you for your quick replay. I am using CookieCrumbler product
which does cookie based authentication. The product modify the client
request and server response but when user want to log out it calling the
"manage_zmi_logout" functaion which pass basic authenticate in response
header that's why it calling login window . I don't want to show any
window and also i want to fully logout user from zope is any way to do
that .
Thank and Regards,
vaibhi
On Wed, Sep 17, 2008 at 6:58 PM, Tino Wildenhain <tino [at] wildenhain> wrote:
> vaibhav pol wrote:
>
>> Dear all,
>> I create logout page in my site when user want to logout it will
>> submit the page of page submit i called "manage_zmi_logout" function .
>> which promt me for again login user name password window i want redirect
>> user to login page but if redirect whiout calling "manage_zmi_logout"
>> function user not actualy logout from zope is any other way to kill user
>> session please tell me.
>>
>
> Is there a question somewhere?
>
> Looks like you are trying to log out a "basic auth". This is not
> really possible - the protocol has nothing to support it.
> What zope does is using a dirty trick - most browsers expire
> sending the auth header when they get a 401 response (look up your
> copy of rfc2616).
>
> What you probably want is to use a cookie based authorization.
>
> Did you already explore zope PAS?
>
> Cheers
> Tino
>
|
smime.p7s
