vpapado wrote:
Hello,
I have a problem in logout mechanism for my web app. For logging in I use
Digest Authentication. Here is how things go:
...
Is there a problem in logout mechanism for Digest Authentication? Is logout
not supported for diggest authentication? How could I manage to logout?
I use Tomcat6.
In HTTP neither Basic nor Digest authentication provide a "logout"
mechanism. That is not an issue specific to Tomcat, it is a generic
characteristic of the protocol.
The browser "memorises" the authentication entered by the user for a
combination of host/realm, and will automatically re-submit the needed
authentication headers whenever the server requests an authentication
for the same realm, without user intervention.
In other words, the only way to "logout" is to close the browser and
re-open it.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
