On Fri, 2004-12-10 at 10:18, Manuel Kasper wrote:
> You can't really "logout" with HTTP authentication; you'd have to convince
> your browser to forget the login credentials that you entered, so it's a
> browser issue. There's no "session" on m0n0wall that could be killed; the
> credentials are sent with each request. We could return a 401 response, as
> this makes some browsers clear the cached credentials, but AFAIR this
> isn't necessarily true.

It ISN'T true. Had that discustion with a customer some years ago, so I
had to convince him ;-)

I tested most browsers available at that time, and as far as I remember,
about 1/3 of them I tested didn't forget the credentials.
-- 
Henning Wangerin <mailinglists dash after dash 041101 underscore reply dash not dash possible at hpc dot dk>