Feature request: Can you provide a logout capability in Atrium?
I know that this is an issue with Apache Basic Authentication, but I've also seen references to being able to accomplish this in javascript.
Can this be added to Atrium?
--Bryan
Logout capability
-
bryanl641
- New User
- Posts: 9
- Joined: Thu Sep 18, 2014 11:55 am
- First Name: Bryan
- Last Name: Leaman
- Company Name: InVue Security Products
- Phone: 704-752-6513 x1221
- Address 1: 15015 Lancaster Hwy
- City: Charlotte
- State / Province: North Carolina
- Zip / Postal Code: 28277
- Country: United States
- Contact:
-
Scott Klement
- Experienced User
- Posts: 2711
- Joined: Wed Aug 01, 2012 8:58 am
- First Name: Scott
- Last Name: Klement
- Company Name: Profound Logic
- City: Milwaukee
- State / Province: Wisconsin
Re: Logout capability
There is already a logout button in Atrium. (It's the "Exit" button in the upper-right corner.)
Is that what you're looking for? Or are you looking for something different?
Also, if you do wish to place a feature request, the best way is to e-mail support@profoundlogic.com
Is that what you're looking for? Or are you looking for something different?
Also, if you do wish to place a feature request, the best way is to e-mail support@profoundlogic.com
-
David
- Profound Logic Staff Member
- Posts: 690
- Joined: Fri Jan 04, 2008 12:11 pm
- First Name: David
- Last Name: Russo
- Company Name: Profound Logic Software
- Contact:
Re: Logout capability
Bryan,
As you mentioned, the problem with 'logging off' from HTTP Basic authentication is that there is no such thing. This is a limitation in the HTTP protocol and web browser design. The first time a browser is challenged for credentials in a 'session', it will present the authentication dialog box. After successful authentication, the browser will cache the credentials and automatically resend them if challenged again, for the life of the 'session'. Modern browsers merge all browser windows and tabs into 1 'session', so this means that the only way to really log off is to close ALL browser windows and tabs.
The 'JavaScript' trick you mention is a hack, what you can do is fool the browser into getting rid of the credentials by having a the HTTP server successfully 'authenticate' a set of dummy credentials which are good for only this purpose. It will then remember those, so any subsequent requests for authentication will show the dialog box again.
We have an option to make Atrium do this when you click the Log Off button, see here:
http://www.profoundlogic.com/docs/displ ... and+Logoff
This approach does have limitations as mentioned in the doc, so it's not enabled by default.
As you mentioned, the problem with 'logging off' from HTTP Basic authentication is that there is no such thing. This is a limitation in the HTTP protocol and web browser design. The first time a browser is challenged for credentials in a 'session', it will present the authentication dialog box. After successful authentication, the browser will cache the credentials and automatically resend them if challenged again, for the life of the 'session'. Modern browsers merge all browser windows and tabs into 1 'session', so this means that the only way to really log off is to close ALL browser windows and tabs.
The 'JavaScript' trick you mention is a hack, what you can do is fool the browser into getting rid of the credentials by having a the HTTP server successfully 'authenticate' a set of dummy credentials which are good for only this purpose. It will then remember those, so any subsequent requests for authentication will show the dialog box again.
We have an option to make Atrium do this when you click the Log Off button, see here:
http://www.profoundlogic.com/docs/displ ... and+Logoff
This approach does have limitations as mentioned in the doc, so it's not enabled by default.
Who is online
Users browsing this forum: No registered users and 0 guests