Version 26 (modified by 7 years ago) (diff) | ,
---|
True logout mechanism for Basic/Digest Authentication
Notice: This plugin is unmaintained and available for adoption.
Description
This patch allows you to logout from Basic/Digest Auth without closing the browser.
- Apache claims that it is not possible.
- Nano Documet gives a solution that simply works.
The concept is explained on Berend de Boer page.
This patch works for tracd
standalone. There's no need of Apache or any other server.
This patch should work on all platform, although I've only tested version 0.9.6 on Windows XP.
Notes:
- Tested successfully with Firefox and Internet Explorer 6.
- It works fine with Camino.
- It may not work with Safari and Konqueror.
Usage
- file
Share\trac\htdocs\js\trac.js
, append at the end of file:function clearAuthenticationCache(page) { // Default to a non-existing page (give error 500). // An empty page is better, here. if (!page) page = '.force_logout'; try{ var agt=navigator.userAgent.toLowerCase(); if (agt.indexOf("msie") != -1) { // IE clear HTTP Authentication document.execCommand("ClearAuthenticationCache"); } else { // Let's create an xmlhttp object var xmlhttp = createXMLObject(); // Let's prepare invalid credentials xmlhttp.open("GET", page, true, "logout", "logout"); // Let's send the request to the server xmlhttp.send(""); // Let's abort the request xmlhttp.abort(); } } catch(e) { // There was an error return; } } function createXMLObject() { try { if (window.XMLHttpRequest) { xmlhttp = new XMLHttpRequest(); } // code for IE else if (window.ActiveXObject) { xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } } catch (e) { xmlhttp=false } return xmlhttp; }
- file
Lib\site-packages\trac\web\auth.py
, locate methodget_navigation_items
, and change:yield ('metanav', 'logout', Markup('<a href="%s">Logout</a>' % escape(self.env.href.logout())))
to:yield ('metanav', 'logout', Markup('<a href="%s" onclick="clearAuthenticationCache(\'%s\');">Logout</a>' % ((escape(self.env.href.logout()),) *2) ))
- Now that's ok to start
tracd
and test logout feature.
(Patches for other versions below)
Recent Changes
Author/Contributors
Author: flox
Maintainer: none (needsadoption)
Contributors:
Attachments (2)
-
trac-0.10.2_basic-auth-logout.patch (2.1 KB) - added by 17 years ago.
Adapted for v0.10.2: 'tis a hack but it solved my problem.
-
True_logout_patch_trunk_updated.diff (2.1 KB) - added by 16 years ago.
updated patch for trac svn trunk 2008/03/11
Download all attachments as: .zip