aspose file tools*
The moose likes Servlets and the fly likes implementing a 'logoff' for basic authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "implementing a Watch "implementing a New topic

implementing a 'logoff' for basic authentication

chen ven

Joined: Apr 16, 2004
Posts: 1
Our application authticates users using the basic authentication scheme. Since the user credentials are always part of the request header sent by the browser, how does one implement a 'logoff' ? Is there any way to invalidate a request header ?
Nathaniel Stoddard
Ranch Hand

Joined: May 29, 2003
Posts: 1258
If I remember this correctly, an authentication that was done through BASIC will be valid until the user closes her browser. If the authentication was done via a FORM, then you could simply call invalidate() on the HttpSession and the next fetch would require the user to login again.
As always, you will definitely want to double-check this information--but I hope it gets you headed off in the right direction.

wood burning stoves
subject: implementing a 'logoff' for basic authentication
Similar Threads
Tracking Authentication
How to configure Axis stubs for Integrated Windows Authentication ?
Setting Authorization Header in HTTP Request
How to get the HTTP Header from the request?
Setting Authorization Header in HTTP Request