[1736] in WWW Security List Archive
Re: User Auth. -Reply
daemon@ATHENA.MIT.EDU (Baber Amin)
Wed Mar 27 14:42:56 1996
Date: Wed, 27 Mar 1996 11:21:37 -0500
From: Baber_Amin@novell.com (Baber Amin)
To: swcheung@hkimd.cig.mot.com, seth@hygnet.com, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Can I send a failed authentication responce to the browser after the browser has been using
the authenticated session for a while and now wishes to logout.
Baber
:)
>>> Seth I. Rich <seth@hygnet.com> 03/26/96 01:31pm >>>
>>I got a question about User Auth. How can I force or allow my users to >"logout" without
>>quitting the client?
>>In my experience, if you send them a failed authentication response, the browser will forget
>>about the password it had been using, effectively logging the user out. If the user wants in
>>again, s/he will have to re-authenticate.
>>Seth
>>---------------------------------------------------------------------------
>>Seth I. Rich - seth@hygnet.com - (610) 859-0100
>>Systems Administrator / Webmaster, HYGNet My words are my own; please
>>Rabbits on walls, no problem. don't blame my employer!
