On 4/24/06, Paul Taylor <ptaylor at addressplus dot net> wrote:
> As far as why there isn't a logout button - I don't believe there is
> a universal method (other than closing the browser) that works to log
> you out across various browsers.
> One day, I was looking through the
> pfSense code and found that they had tried adding a logout button,
> which simply was a link to http://baduser:badpassword@yourMonowall.
> I was initially excited thinking that this was a very simple way to
> log out of Monowall, but I believe they pulled this feature because
> of how poorly it worked across browsers.
Yeah, had Scott searched this list's archives first, Manuel has
discussed in the past how this is "supposed" to work, but doesn't work
in most browsers. I believe it's supposed to be if you send back a
403 to the browser, it's supposed to forget its credentials. Doesn't
work that way though.