You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2018/02/09 12:10:35 UTC
[Bug 62048] Missing logout function in Manager and Host-Manager
webapps
https://bz.apache.org/bugzilla/show_bug.cgi?id=62048
--- Comment #3 from Michael Osipov <19...@gmx.net> ---
(In reply to Mark Thomas from comment #1)
> They use BASIC auth. You can't logout from BASIC auth.
Why do you think so? I have swapped it for SPNEGO auth.
> We could change the auth mechanism but then that creates issues for the
> command line tools.
Moreover, the CSRF filter creates a session for the user. It would make sense
to have a logout to kill the session.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org