I am running a LAMP server and when users access the server homepage I am using the Apache basic authentication to log them in. Is there a way to force the user to logout (or be logged out)? I tried the mod_session & mod_auth_form to no avail. The page I'm using is a mix of php/html. I am self taught on all of my programming skills so I lack the depth to get a workable solution. Thanks.
Asked
Active
Viewed 1,404 times
2 Answers
1
The short answer is you can't.
Check these sources:
No correct way exists, not even one that's consistent across browsers.
Consequently, the answer to this question is, you can't. Sorry.
However, there are certain ways for CERTAIN browsers. If you plan to only support a specific browser, which is a valid course of action, there are hackish ways of accomplishing it.
However, the jury is out. If you want to log out HTTP authenticated users with extensive browser support, you're out of luck.
Community
- 1
- 1
Kenny Worden
- 4,335
- 11
- 35
- 62
1
After looking at these suggestions I worked out a solution, albeit not a clean and elegant one. I followed the idea of the protected folder with an htaccess file. When the user clicks on my logout link they get a JavaScript alert to click on cancel when prompted for username and password. In my htaccess file I put in an override for a custom 401 error document which I then made as a logout page. The user clicks cancel and gets redirected to the page telling them the logout was successful. I put a link on that page to log back in as well. With Firefox so far the user has always had to submit credentials to log back in. Dirty but it works.
EnterUserNameHere
- 153
- 7