[ previous ] [ next ] [ threads ]
 
 From:  Henning Wangerin <mailinglists dash after dash 041101 underscore reply dash not dash possible at hpc dot dk>
 To:  Manuel Kasper <mk at neon1 dot net>
 Cc:  Christoph Gysin <cgysin at gmx dot ch>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] feature request
 Date:  Fri, 10 Dec 2004 10:41:07 +0100
On Fri, 2004-12-10 at 10:18, Manuel Kasper wrote:
> You can't really "logout" with HTTP authentication; you'd have to convince
> your browser to forget the login credentials that you entered, so it's a
> browser issue. There's no "session" on m0n0wall that could be killed; the
> credentials are sent with each request. We could return a 401 response, as
> this makes some browsers clear the cached credentials, but AFAIR this
> isn't necessarily true.

It ISN'T true. Had that discustion with a customer some years ago, so I
had to convince him ;-)

I tested most browsers available at that time, and as far as I remember,
about 1/3 of them I tested didn't forget the credentials.
-- 
Henning Wangerin <mailinglists dash after dash 041101 underscore reply dash not dash possible at hpc dot dk>