[ previous ] [ next ] [ threads ]
 From:  "Holger Bauer" <Holger dot Bauer at citec dash ag dot de>
 To:  "Christoph Gysin" <cgysin at gmx dot ch>, "Manuel Kasper" <mk at neon1 dot net>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  AW: [m0n0wall] feature request
 Date:  Fri, 10 Dec 2004 10:34:53 +0100
Netgear Routers have a logout-function, but I don´t know if this "logout" is really secure. I only
know, that you can´t manage the Router from another Ip-adress if there is someone logged in already
from somewhere else. I haven´t checked out, what happens, if I try to reconnect from the same
browser and machine after logging out. I have m0n0walls now everywhere, so it´s hard for me to test
now, but next time I get my hands on a netgear I´ll do a test. Maybe someone else who reads this
could test it.

kind regards,
Holger Bauer

-----Ursprüngliche Nachricht-----
Von: Manuel Kasper [mailto:mk at neon1 dot net]
Gesendet: Freitag, 10. Dezember 2004 10:19
An: Christoph Gysin
Cc: m0n0wall at lists dot m0n0 dot ch
Betreff: Re: [m0n0wall] feature request

Christoph Gysin said:
> Barry Mather wrote:
>> Would be good to include a logout button that ditches the auth session,
>> for fairly obvious reasons ...
> I also vote for this feature. Is there any reason why this isn't in
> monowall yet?

You can't really "logout" with HTTP authentication; you'd have to convince
your browser to forget the login credentials that you entered, so it's a
browser issue. There's no "session" on m0n0wall that could be killed; the
credentials are sent with each request. We could return a 401 response, as
this makes some browsers clear the cached credentials, but AFAIR this
isn't necessarily true.

- Manuel

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Virus checked by G DATA AntiVirusKit
Version: AVK 15.0.1458 from 10.12.2004
Virus news: www.antiviruslab.com

Virus checked by G DATA AntiVirusKit