BasicLogout
<< | Cookbook-V1 | >>
Note: The recipes here are for PmWiki versions 0.6 and 1.0 only. For PmWiki 2.0 recipes, see Cookbook.
Goal
Logout from basic authentication (htaccess) realm without closing the browser.
Solution
Add the following lines to local.php:
SDV($HandleActions['logout'],'HandleLogout');
function HandleLogout($pagename) {
global $AuthRealmFmt,$AuthDeniedFmt;
$realm=FmtPageName($AuthRealmFmt,$pagename);
header("WWW-Authenticate: Basic realm=\"$realm\"");
header("Status: 403 Forbidden");
header("HTTP-Status: 403 Forbidden");
PrintFmt($pagename, '<html><head><meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="0"></head><body>
Please reload this page for logout and clear the browser cache.
</body></html>');
exit;
}
Add the option "?action=logout" to wiki pages links.
Discussion
In some internet cafes it isn't possible to close the browser window or access internet options for clearing the password cache of the browser.
With this function it is possible to send an authentication error to the browser, which in most cases causes it (at least Internet Explorer and Mozilla) to remove the password for the current realm from cache.
As a matter of fact, the user has to logout for each realm (i.e. group) he has logged in within the session.
Note
User authorization provides a logout function (see UserAuth). Don't try to implement both UserAuth and BasicLogout.
Contributors
- Reinhard Hofmann
pmwiki-2.3.38 -- Last modified by {{Constantin Basturea}}