File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Tomcat and the fly likes de-authenticate Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "de-authenticate" Watch "de-authenticate" New topic


Benjamin Hundley
Ranch Hand

Joined: Mar 06, 2006
Posts: 54
I'm using Tomcat 5.5 for my web application. I have a login link and I told tomcat to authenticate the request sent by the login link via the deployment descriptor. The problem is that now I don't know how to log a user out. Is there a way to de-authenticate a client?
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
If you're talking about BASIC authentication -the kind where you enter username/password into a little dialog box popped open by the browser- then this is not possible. Once the browser knows it, it will always send it, until you quit it.
I agree. Here's the link:
subject: de-authenticate
It's not a secret anymore!