Thank you for your quick replay. I am using CookieCrumbler product
which does cookie based authentication. The product modify the client
request and server response but when user want to log out it calling the
"manage_zmi_logout"  functaion which pass  basic authenticate in response
header that's  why it  calling  login window . I don't want to show any
window and also i want to fully logout  user  from zope is any way to do
that .

Thank and Regards,

On Wed, Sep 17, 2008 at 6:58 PM, Tino Wildenhain <[EMAIL PROTECTED]> wrote:

> vaibhav pol wrote:
>> Dear all,
>>          I create logout page in my site when user want to logout it will
>> submit the page  of page submit i called "manage_zmi_logout" function .
>> which promt me for again  login user name password window i want redirect
>>  user to login page  but  if redirect  whiout calling "manage_zmi_logout"
>> function user not actualy logout from zope is any other way to kill user
>> session  please tell me.
> Is there a question somewhere?
> Looks like you are trying to log out a "basic auth". This is not
> really possible - the protocol has nothing to support it.
> What zope does is using a dirty trick - most browsers expire
> sending the auth header when they get a 401 response (look up your
> copy of rfc2616).
> What you probably want is to use a cookie based authorization.
> Did you already explore zope PAS?
> Cheers
> Tino
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to