On Tue, 23 Apr 2002, Morten Ronseth wrote:
> Anybody know how to revoke the HTTP authentication, i.e. log people out,
> using PHP?

With most browsers, you can send HTTP status 401 and re-send your realm in 
the WWW-Authenticate header. The browser will assume its cached 
credentials have become invalid and toss them, asking the user once again 
to log in.

It's still a little awkward, and is one more reason why using 
session/cookie-based auth is much friendlier.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to