I think you need also to specify the realm, so a simple cgi script may not suffice, though I haven't tested it. It is simplier to use Apache: create another protected area with the same realm (same AuthName), but with an empty passwd file, and redirect there users that want to log out:
<Location "/protected"> ErrorDocument 401 /docs/register.html Order deny,allow Deny from all AuthType Basic AuthUserFile /path/to/real/passwd AuthName "Protected Area" Require valid-user satisfy any </Location> <Location "/protected/logout"> ErrorDocument 401 /docs/loggedout.html Order deny,allow Deny from all AuthType Basic AuthUserFile /path/to/empty/passwd AuthName "Protected Area" Require valid-user satisfy any </Location>
You can also use Apache ErrorDocument directive to show user friendly messages.
I don't like this solution because it forces final users to fail a login to be logged out. With mod_perl it is possible to build very neat and sophisticated authentication systems; chapter 6 of Writing Apache Modules with Perl and C is about Authentication & Authorization and is available online here.
HTH, Valerio
In reply to Re: Re: Re: Re: Need help creating an Apache session logout script with Perl/CGI without the use cookies.
by valdez
in thread Need help creating an Apache session logout script with Perl/CGI without the use cookies.
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |