Opened 10 years ago

Closed 10 years ago

Last modified 10 years ago

#3317 closed defect (invalid)

When I click Logout I remain logged in

Reported by: Trevor Doorley Owned by: Noah Kantrowitz
Priority: normal Component: PermRedirectPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.11


Tested with IE7 and Firefox 3.

With the plug-in enabled I always remain logged in on whatever page I was viewing when I click Logout.

The option for the browser to remember the password has been set.

Attachments (0)

Change History (5)

comment:1 Changed 10 years ago by Noah Kantrowitz

Are you using normal HTTP authentication or AccountManager?

comment:2 Changed 10 years ago by Trevor Doorley

Forgot to mention that without the plug-in enabled I get a permission error whenever I click Logout.

comment:3 Changed 10 years ago by Trev

Just a basic digest. Trac is actually running as a windows service that's exposed on a specifically assigned port.

comment:4 Changed 10 years ago by Noah Kantrowitz

Resolution: invalid
Status: newclosed

This is the expected behavior then. All modern browsers cache HTTP auth credentials as long as the browser is open. When you click logout you are sent back to a page you don't have permissions for, so the plugin redirects you to /login. Then your browser takes the cached credentials and logs you back in. If you use AccountManagerPlugin, which allows form-based logins instead of HTTP auth, you can get real logout, and things will work as expected.

comment:5 Changed 10 years ago by anonymous

Thanks for taking the time to explain this. I'll install the AccountManagerPlugin.

Modify Ticket

Change Properties
Set your email in Preferences
as closed The owner will remain Noah Kantrowitz.
The resolution will be deleted.

Add Comment

E-mail address and name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.