aspose file tools*
The moose likes Servlets and the fly likes implementing a 'logoff' for basic authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "implementing a Watch "implementing a New topic
Author

implementing a 'logoff' for basic authentication

chen ven
Greenhorn

Joined: Apr 16, 2004
Posts: 1
Our application authticates users using the basic authentication scheme. Since the user credentials are always part of the request header sent by the browser, how does one implement a 'logoff' ? Is there any way to invalidate a request header ?
Nathaniel Stoddard
Ranch Hand

Joined: May 29, 2003
Posts: 1258
Chen,
If I remember this correctly, an authentication that was done through BASIC will be valid until the user closes her browser. If the authentication was done via a FORM, then you could simply call invalidate() on the HttpSession and the next fetch would require the user to login again.
As always, you will definitely want to double-check this information--but I hope it gets you headed off in the right direction.


Nathaniel Stodard<br />SCJP, SCJD, SCWCD, SCBCD, SCDJWS, ICAD, ICSD, ICED
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: implementing a 'logoff' for basic authentication
 
Similar Threads
How to get the HTTP Header from the request?
Setting Authorization Header in HTTP Request
How to configure Axis stubs for Integrated Windows Authentication ?
Setting Authorization Header in HTTP Request
Tracking Authentication