Version 2 (modified by 18 years ago) (diff) | ,
---|
True logout mechanism for Basic/Digest Authentication
Notice: This plugin is unmaintained and available for adoption.
Description
This patch allows to logout from Basic/Digest Auth without closing the browser.
On one hand Apache claims that it is not possible.
On other hand, Nano Documet give a solution that works with most recent browsers.
This patch works for tracd
standalone. There's no need of Apache or any other server.
I am lazy tonight, so i give you only the file changes.
This patch should work on all platform, although I've tested Windows only.
Usage
- first remove buggy AuthFormPlugin ;-)
- file
Share\trac\htdocs\js\trac.js
, append at the end of file:function clearAuthenticationCache() { try{ var agt=navigator.userAgent.toLowerCase(); if (agt.indexOf("msie") != -1) { // IE clear HTTP Authentication document.execCommand("ClearAuthenticationCache"); } else { // Let's create an xmlhttp object var xmlhttp = createXMLObject(); // Let's get the force page to logout for mozilla xmlhttp.open("GET",".force_logout_offer_login_mozilla",true,"logout","logout"); // Let's send the request to the server xmlhttp.send(""); // Let's abort the request xmlhttp.abort(); } // Let's redirect the user to the main webpage // window.location = "/rest/"; } catch(e) { // There was an error alert("there was an error"); } } function createXMLObject() { try { if (window.XMLHttpRequest) { xmlhttp = new XMLHttpRequest(); } // code for IE else if (window.ActiveXObject) { xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } } catch (e) { xmlhttp=false } return xmlhttp; }
- file
Lib\site-packages\trac\web\auth.py
, locate methodget_navigation_items
, and change:yield ('metanav', 'logout', Markup('<a href="%s">Logout</a>' % escape(self.env.href.logout())))
to:yield ('metanav', 'logout', Markup('<a href="%s" onclick="clearAuthenticationCache();return true;">Logout</a>' % escape(self.env.href.logout())))
- Now that's ok to start
tracd
and test logout feature.
Recent Changes
Author/Contributors
Author: flox
Contributors:
Attachments (2)
-
trac-0.10.2_basic-auth-logout.patch (2.1 KB) - added by 17 years ago.
Adapted for v0.10.2: 'tis a hack but it solved my problem.
-
True_logout_patch_trunk_updated.diff (2.1 KB) - added by 16 years ago.
updated patch for trac svn trunk 2008/03/11
Download all attachments as: .zip