<div dir="ltr">Hi,<br> Thank you for your quick replay. I am using CookieCrumbler product which does cookie based authentication. The product modify the client request and server response but when user want to log out it calling the "manage_zmi_logout" functaion which pass basic authenticate in response header that's why it calling login window . I don't want to show any window and also i want to fully logout user from zope is any way to do that .<br>
<br>Thank and Regards,<br>vaibhi<br><br><br><br><br><div class="gmail_quote">On Wed, Sep 17, 2008 at 6:58 PM, Tino Wildenhain <span dir="ltr"><<a href="mailto:tino@wildenhain.de">tino@wildenhain.de</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d">vaibhav pol wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Dear all,<br>
I create logout page in my site when user want to logout it will submit the page of page submit i called "manage_zmi_logout" function . which promt me for again login user name password window i want redirect user to login page but if redirect whiout calling "manage_zmi_logout" function user not actualy logout from zope is any other way to kill user session please tell me.<br>
</blockquote>
<br></div>
Is there a question somewhere?<br>
<br>
Looks like you are trying to log out a "basic auth". This is not<br>
really possible - the protocol has nothing to support it.<br>
What zope does is using a dirty trick - most browsers expire<br>
sending the auth header when they get a 401 response (look up your<br>
copy of rfc2616).<br>
<br>
What you probably want is to use a cookie based authorization.<br>
<br>
Did you already explore zope PAS?<br>
<br>
Cheers<br><font color="#888888">
Tino<br>
</font></blockquote></div><br></div>