Logout capability

Use this board to ask questions or have discussions with other Atrium users.
Post Reply
bryanl641
New User
Posts: 9
Joined: Thu Sep 18, 2014 11:55 am
First Name: Bryan
Last Name: Leaman
Company Name: InVue Security Products
Phone: 704-752-6513 x1221
Address 1: 15015 Lancaster Hwy
City: Charlotte
State / Province: North Carolina
Zip / Postal Code: 28277
Country: United States
Contact:

Logout capability

Post by bryanl641 »

Feature request: Can you provide a logout capability in Atrium?
I know that this is an issue with Apache Basic Authentication, but I've also seen references to being able to accomplish this in javascript.
Can this be added to Atrium?
--Bryan
Scott Klement
Experienced User
Posts: 2711
Joined: Wed Aug 01, 2012 8:58 am
First Name: Scott
Last Name: Klement
Company Name: Profound Logic
City: Milwaukee
State / Province: Wisconsin

Re: Logout capability

Post by Scott Klement »

There is already a logout button in Atrium. (It's the "Exit" button in the upper-right corner.)

Is that what you're looking for? Or are you looking for something different?

Also, if you do wish to place a feature request, the best way is to e-mail support@profoundlogic.com
User avatar
David
Profound Logic Staff Member
Posts: 690
Joined: Fri Jan 04, 2008 12:11 pm
First Name: David
Last Name: Russo
Company Name: Profound Logic Software
Contact:

Re: Logout capability

Post by David »

Bryan,

As you mentioned, the problem with 'logging off' from HTTP Basic authentication is that there is no such thing. This is a limitation in the HTTP protocol and web browser design. The first time a browser is challenged for credentials in a 'session', it will present the authentication dialog box. After successful authentication, the browser will cache the credentials and automatically resend them if challenged again, for the life of the 'session'. Modern browsers merge all browser windows and tabs into 1 'session', so this means that the only way to really log off is to close ALL browser windows and tabs.

The 'JavaScript' trick you mention is a hack, what you can do is fool the browser into getting rid of the credentials by having a the HTTP server successfully 'authenticate' a set of dummy credentials which are good for only this purpose. It will then remember those, so any subsequent requests for authentication will show the dialog box again.

We have an option to make Atrium do this when you click the Log Off button, see here:

http://www.profoundlogic.com/docs/displ ... and+Logoff

This approach does have limitations as mentioned in the doc, so it's not enabled by default.
Post Reply

Who is online

Users browsing this forum: Bing [Bot] and 0 guests