Mid-Atlantic Developer Conference


Please answer this simple SPAM challenge: max(five, three)?
(Example: nine)

The Note You're Voting On

ceo at l-i-e dot com
8 years ago
To force a logout with Basic Auth, you can change the Realm out from under them to a different Realm.

This forces a new set of credentials for a new "Realm" on your server.

You just need to track the Realm name with the user/pass and change it around to something new/random as they log in and out.

I believe that this is the only 100% guaranteed way to get a logout in HTTP Basic Auth, and if it were part of the docs a whole lot of BAD user-contributed comments here could be deleted.

<< Back to user notes page

To Top