Check this out: http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.developer.interest.security&item=6968&utag=
Regards, Sudarson -----Original Message----- From: �run.N [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 19, 2002 7:00 PM To: [EMAIL PROTECTED] Subject: Re: BASIC authentication logout problem, session invalidation hmm.. not that.. when logout link is clicked the session is invalidated. that is ok.. but if he opens the same url again the page will be displayed as the browser sends the Authorisation headers. but until we close and open the browser it is not prompting for password again. and i am not sure that u understand the basic authentication and if u understand that.. tell me how to do an logout after doing login in BASIC or DIGEST Auth ? any links will be helpful.. reg Arun.N ----- Original Message ----- From: Galbreath, Mark To: [EMAIL PROTECTED] Sent: Tuesday, March 19, 2002 11:46 PM Subject: Re: [SERVLET-INTEREST] BASIC authentication logout problem, session invalidation I'm not sure I understand your problem. Are you saying that the user session persists after the user logs off and you want to invalidate the session at that point? Mark -----Original Message----- From: �run.N [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 19, 2002 7:28 AM To: [EMAIL PROTECTED] Subject: BASIC authentication logout problem, session invalidation Hi All, Is there any solution for doing a proper logout after the user is logged in with a BASIC auth information. session invalidation is useless because the access to the resources is allowed as the browser keeps sending the "Authorisatoin" header until it is closed and opened. I need in a way such that after logout, if came back to the same page .... BASIC auth window should pop up againg prompting for username and password. right now i have done using a session variable to check if the user has logged out and prompting him to close and restart the browser. Thankx, regards, Arun.N ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
