[whatwg] connecting usernames and passwords

Matthew Thomas mpt at myrealbox.com
Fri Dec 17 21:15:47 PST 2004


On 18 Dec, 2004, at 6:43 AM, Greg Kilwein wrote:
>
> Related to this, it would be nice to have a standard, simple way for a 
> browser session to "log out" of its HTTP authentication.  Currently 
> with some UAs, a user must to close all of his or her browser windows 
> and/or tabs in order to be able to log in as someone else.

That's entirely the fault of the browser vendors; they haven't bothered 
to implement it in a convenient way. (See for example 
<https://bugzilla.mozilla.org/show_bug.cgi?id=260839>.)

> ...
> I'm not sure of the best way to accomplish this log out functionality 
> (headers? HTML tags?)

There's no need for authors to do anything extra; browsers just need to 
do a full implementation of HTTP authentication (i.e. one that includes 
the ability to log out). A browser using my design for logging in, for 
example, could change the panel for logging in to one for logging out:

  ____________________________________________________________
| Committee Members Area             ID: [        ]          |
| foo.example.org              Password: [        ] (Log In )|
|""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""|
:                                                            :
                               |
                               V
  ____________________________________________________________
| Committee Members Area   Logged in as: gregk               |
| foo.example.org        Stay logged in: [1 week:^] (Log Out)|
|""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""|
:                                                            :

-- 
Matthew Thomas
http://mpt.net.nz/



More information about the whatwg mailing list