Log-out of secure area script

N

Noel S Pamfree

Our website hosting company set up a secure directory for a link from our
website. When anyone clicks on the link they are prompted for a username and
password. It works well but the only way to log-out stopping the next person
using a machine to have access is to close down the browser window.

Unfortunately our webhosting company tells me they do not provide any
scripts for logging-out. They have no objection to us uploading one.

I am not an expert at this sort of thing and I have no idea how to do it.

Any suggestions would be welcome.

Noel
 
B

Benjamin Niemann

Hello,
Our website hosting company set up a secure directory for a link from our
website. When anyone clicks on the link they are prompted for a username
and password. It works well but the only way to log-out stopping the next
person using a machine to have access is to close down the browser window.

Unfortunately our webhosting company tells me they do not provide any
scripts for logging-out. They have no objection to us uploading one.

I am not an expert at this sort of thing and I have no idea how to do it.

Any suggestions would be welcome.
Click to expand...

It's not completely clear, how your login works. It could (a) be HTTP
authentication or (b) some custom implementation involving a HTTP form and
sessions.

In case (b) you basicly have to clear the session data (a simple file or a
row in a database) on the server.

In case (a) there simply is no standartized way to 'logout'. HTTP is
stateless, so there is no concept of a user session and no logging in or
out. With HTTP authentication the browser has to send the user credentials
(login/password) with every request. Browser just ask for the credentials
once and (as long as they are accepted by the server) reuse them.
So 'logging out' is essential telling the browser to forget the
credentials. How this can be done is browser dependent. Closing the browser
works in all browsers I know of. For FireFox there is an extension that
lets you clear the stored crendentials. Other browsers may have similar
tools, but there is no way for the server to trigger this action.

And: closing the browser window, is the least thing one has to do, after
using a shared computer to access private/protected data.


HTH
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Job Opportunity: Software Engineers at growing start-up!(Philadelphia, PA area) 1
Working on mobile css menu with plenty of frustration! 2
Log on a user via ASP script? 1
Perl script running external command 3
Trying to create a secure app that never times out - very confused 1
Forgotten Password script 1
ANN: eGenix mxODBC Connect 2.1.0 - Python ODBC Database Interface 0

Members online

Total: 32 (members: 2, guests: 30)
Robots: 173

Forum statistics

Threads
473,755
Messages
2,569,534
Members
45,008
Latest member
Rahul737

Latest Threads

Top