On 10/3/07, Michael Terrington <[EMAIL PROTECTED]> wrote: > > Adam Taft wrote: > > The user agent, of course, still prompts the user for credentials when > > it's appropriate to do so. The login process, as the end user perceives > > it, still happens. It's just all about thinking in "stateless" RESTful > > terms, which is it seems hard for some (many? most??) web developers. > > The problem I have with HTTP authentication is that browsers don't > provide a "logout" mechanism. Perhaps there's some way to clear the > authentication details from Javascript?
Not so hard to do from Firefox, but, yeah, that's awkward. You can do it by forcing a 401, but, again, awkward. -- Geoffrey Wiseman
