Closed Bug 120092 Opened 23 years ago Closed 23 years ago

[RFE] "Logoff" from a basic authenticated realm

Categories

(Core :: Networking: HTTP, enhancement)

Product:
Core
Component:
Networking: HTTP
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED DUPLICATE of bug 55181

People

(Reporter: timtas, Assigned: darin.moz)

Details

Hi

As I understand basic authentication, if a server responds to a request with
code 401 and a header:

WWW-Authenticate: basic realm="any_given_realm"

the browser will ask for userid/password and store it in his memory together
with the realm and the host (and the URL path for convenience). This information
is kept until the user closes the browser, giving him:
- no chance to log in using a different account
- no chance to logoff so he may leave his computer to go to the toilet

without having to close the browser.

As I understand the mechanism, it should not be difficult to implement a Logoff
and it would be a major convenience for users. I think of a list of currently
"active " basic authenticated sessions and if the users chooses to logoff, the
cached authentication information would just be dropped. All the necessary data
seems to be stored already in the browser anyway.

Bye
Tim
this is already reported. I'm hoping it's reported in psm (however it might be 
in UID).
Assignee: asa → ssaux
Component: Browser-General → Client Library
Product: Browser → PSM
QA Contact: doronr → junruh
Whiteboard: DUPEME
Version: other → 2.2
I don't think this is PSM. There's no crypto involved.

Over to browser->security/general
Assignee: ssaux → mstoltz
Component: Client Library → Security: General
Product: PSM → Browser
QA Contact: junruh → bsharma
Version: 2.2 → other
Over to Networking:HTTP for basic-auth issues. Confirming - this is a valid RFE.
Assignee: mstoltz → darin
Status: UNCONFIRMED → NEW
Component: Security: General → Networking: HTTP
Ever confirmed: true
QA Contact: bsharma → tever
Summary: Missing Possibility to "Logoff" from a basic authenticated realm → [RFE] "Logoff" from a basic authenticated realm

*** This bug has been marked as a duplicate of 55181 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
verified
Status: RESOLVED → VERIFIED
Whiteboard: DUPEME
You need to log in before you can comment on or make changes to this bug.