On Tue, 23 Apr 2002, Morten Ronseth wrote: > Anybody know how to revoke the HTTP authentication, i.e. log people out, > using PHP?
With most browsers, you can send HTTP status 401 and re-send your realm in the WWW-Authenticate header. The browser will assume its cached credentials have become invalid and toss them, asking the user once again to log in. It's still a little awkward, and is one more reason why using session/cookie-based auth is much friendlier. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php