[Zope] Strange CookieCrumbler problem
Shane Hathaway
shane@zope.com
Mon, 17 Sep 2001 13:23:31 -0400
Ron Bickers wrote:
> 5) If I then log in with basic auth and logout using manage_zmi_logout, my
> next attempt to access the protected document still brings up the basic auth
> window instead of the form. The only way I found to get back to the cookie
> auth is to restart my browser. :-(
>
> Is this a bug in CookieCrumbler?
I would say this is a bug in the HTTP spec. The HTTP spec doesn't
actually provide a way to log out. See section 15.6 of the HTTP spec:
ftp://ftp.isi.edu/in-notes/rfc2616.txt
manage_zmi_logout just uses a method that usually works. If your
browser doesn't do what you expect when it comes to logging out using
HTTP AUTH, well... join the club. ;-)
Shane