W3C home > Mailing lists > Public > whatwg@whatwg.org > December 2004

[whatwg] connecting usernames and passwords

From: Matthew Thomas <mpt@myrealbox.com>
Date: Sat, 18 Dec 2004 18:15:47 +1300
Message-ID: <E05E9B44-50B3-11D9-9523-000A95AD3972@myrealbox.com>
On 18 Dec, 2004, at 6:43 AM, Greg Kilwein wrote:
>
> Related to this, it would be nice to have a standard, simple way for a 
> browser session to "log out" of its HTTP authentication.? Currently 
> with some UAs, a user must to close all of his or her browser windows 
> and/or tabs in order to be able to log in as someone else.

That's entirely the fault of the browser vendors; they haven't bothered 
to implement it in a convenient way. (See for example 
<https://bugzilla.mozilla.org/show_bug.cgi?id=260839>.)

> ...
> I'm not sure of the best way to accomplish this log out functionality 
> (headers? HTML tags?)

There's no need for authors to do anything extra; browsers just need to 
do a full implementation of HTTP authentication (i.e. one that includes 
the ability to log out). A browser using my design for logging in, for 
example, could change the panel for logging in to one for logging out:

  ____________________________________________________________
| Committee Members Area             ID: [        ]          |
| foo.example.org              Password: [        ] (Log In )|
|""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""|
:                                                            :
                               |
                               V
  ____________________________________________________________
| Committee Members Area   Logged in as: gregk               |
| foo.example.org        Stay logged in: [1 week:^] (Log Out)|
|""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""|
:                                                            :

-- 
Matthew Thomas
http://mpt.net.nz/
Received on Friday, 17 December 2004 21:15:47 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:38 UTC