[RFE] "Logoff" from a basic authenticated realm

VERIFIED DUPLICATE of bug 55181

Status

()

Core
Networking: HTTP
--
enhancement
VERIFIED DUPLICATE of bug 55181
17 years ago
17 years ago

People

(Reporter: timtas, Assigned: Darin Fisher)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

17 years ago
Hi

As I understand basic authentication, if a server responds to a request with
code 401 and a header:

WWW-Authenticate: basic realm="any_given_realm"

the browser will ask for userid/password and store it in his memory together
with the realm and the host (and the URL path for convenience). This information
is kept until the user closes the browser, giving him:
- no chance to log in using a different account
- no chance to logoff so he may leave his computer to go to the toilet

without having to close the browser.

As I understand the mechanism, it should not be difficult to implement a Logoff
and it would be a major convenience for users. I think of a list of currently
"active " basic authenticated sessions and if the users chooses to logoff, the
cached authentication information would just be dropped. All the necessary data
seems to be stored already in the browser anyway.

Bye
Tim

Comment 1

17 years ago
this is already reported. I'm hoping it's reported in psm (however it might be 
in UID).
Assignee: asa → ssaux
Component: Browser-General → Client Library
Product: Browser → PSM
QA Contact: doronr → junruh
Whiteboard: DUPEME
Version: other → 2.2

Comment 2

17 years ago
I don't think this is PSM. There's no crypto involved.

Over to browser->security/general
Assignee: ssaux → mstoltz
Component: Client Library → Security: General
Product: PSM → Browser
QA Contact: junruh → bsharma
Version: 2.2 → other
Over to Networking:HTTP for basic-auth issues. Confirming - this is a valid RFE.
Assignee: mstoltz → darin
Status: UNCONFIRMED → NEW
Component: Security: General → Networking: HTTP
Ever confirmed: true
QA Contact: bsharma → tever
Summary: Missing Possibility to "Logoff" from a basic authenticated realm → [RFE] "Logoff" from a basic authenticated realm

*** This bug has been marked as a duplicate of 55181 ***
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → DUPLICATE
verified
Status: RESOLVED → VERIFIED
Whiteboard: DUPEME
You need to log in before you can comment on or make changes to this bug.