Some time ago there were some questions about how to realize a logout from realms protected by .htaccess files without having to close the browser and empty all cached files (which most users don't do, even if they sould!).
Here's what I found out:
[I have read this one elsewhere and used it]
1. Create another realm which is protected by .htaccess 2. Create .htpasswd-file for it 3. Create a "dummy" user, mine is "logout:logout"
Now put a file into that directory that sends html-standard-code 401 Unauthorized! I do it using perl/cgi like this:
--- perl code ---
use CGI qw/:standard/; print header(-status=>'401 Unauthorized');
--- end of code ---
Now you only have to create a link point to that file:
You can even keep the browser running, the browser will even have some of the protected pages in cache, but every new "reload" causes a new authorization procedure!
I use this to protect an cgi-application that often changes values and is reloaded several times for this purpose (calls itself with changed input-field-values). For this kind of content it works perfectly!
Hope someone find's this helpful, I was puzzling a whole night to find that out - and it's soooo easy, once you know how it's done!
[edited by: jatar_k at 4:17 pm (utc) on July 23, 2003] [edit reason] email in profile thanks [/edit]