CGI::App::Plugin::Authentication logout issues.

hesco has asked for the wisdom of the Perl Monks concerning the following question:

I'm having issues with the logout method.

I have a logout_button which renders a form that sets a hidden fields 'authen_logout' to 1. I am also calling $self->authen->logout(); directly. But in either case, I get back in my browser, the following:

Forbidden:  You don't have permission to access / on this server.
[download]

Any ideas what I might be missing?

I even have dispatch logic which looks like this:

if ($button eq 'Logout') {
  $logger->debug('dpr_EnterPrsRls logout button chosen.\n"');
  $form->param(-name => 'authen_logout', -value => '1');
  $self->authen->logout();
[download]

The behavior I expect to see is that a new login form is displayed.

The behavior I observe is the Forbidden message, after a reload, another Forbidden message, then I use back to get back to the menu. When I attempt to load another authenticated runmode, I am finally diverted to the login form.

All help is appreciated.

-- Hugh

Comment on CGI::App::Plugin::Authentication logout issues. Select or Download Code

Replies are listed 'Best First'.
Re: CGI::App::Plugin::Authentication logout issues. by helphand (Pilgrim) on Mar 18, 2006 at 22:10 UTC
Do you have LOGIN_URL or LOGIN_RUNMODE set? Either will override the default automatic simple login page. Scott Updated:Note, POST_LOGIN_RUNMODE or POST_LOGIN_URL might also be something to look at.	[reply]
Re: CGI::App::Plugin::Authentication logout issues. by cees (Curate) on Mar 21, 2006 at 20:45 UTC
Where in your code are you calling $self->authen->logout(), and what do you do afterwards? It is hard to guess what is going on without seeing the code in context. Have you tried the example code that comes with the module? You could try to emulate that code and see how it works with regards to the logout button.	[reply]
Re: CGI::App::Plugin::Authentication logout issues. by hesco (Deacon) on Mar 19, 2006 at 23:32 UTC
helphand: Thank you. That moved me one step closer. I had defined LOGIN_RUNMODE in invoking the auth object. But this still is not quite working as expected. Using the logout button still results in a browser message of: "Forbidden: You don't have permission to access / on this server." I have to use the back button to get back into my app and then only see the login form again when I attempt to access some other authenticated service. -- Hugh	[reply]