0

In my company, I had designed a php-mysql-jquery website for intranet inventory. The web server (iis8) is hosted in a windows 8 machine which is connected to the Active directory. I needed to provide a AD authentication for my website and for that I enabled the windows authentication feature for authenticating users before they access my website.

The feature is working fine and users are now able to log-in! But I need them to log-off from the website. But I couldn't find any code in the internet to do that. What I need to do now is, tell the users to restart the browser and clear the browser history. Do anybody know anything about this? Is there is an alternative method ?

I tried this code

html><head>
<script type="text/javascript">
function logout() {
    var xmlhttp;
    if (window.XMLHttpRequest) {
          xmlhttp = new XMLHttpRequest();
    }
    // code for IE
    else if (window.ActiveXObject) {
      xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
    }
    if (window.ActiveXObject) {
      // IE clear HTTP Authentication
      document.execCommand("ClearAuthenticationCache");
      window.location.href='/where/to/redirect';
    } else {
        xmlhttp.open("GET", '/path/that/will/return/200/OK', true, "logout", "logout");
        xmlhttp.send("");
        xmlhttp.onreadystatechange = function() {
            if (xmlhttp.readyState == 4) {window.location.href='/where/to/redirect';}
        }


    }


    return false;
}
</script>
</head>
<body>
<a href="#" onclick="logout();">Log out</a>
</body>
</html>

what is /path/that/will/return/200/OK ?

user3784564
  • 41
  • 5
  • try this post: http://stackoverflow.com/questions/449788/http-authentication-logout-via-php – Niels Jul 18 '14 at 20:21

1 Answers1

0

If I understood.

Are you storing variable in $_SESSION to keep your users logged?

if yes, you can create a log out file and put Session destroy. if you are using cookies you need clear the cookies in logout file.

ivanfromer
  • 329
  • 1
  • 5