<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Again... you probably had traversed up into the ZMI, and you probably
have the default setup where the 'admin' user for Zope is 'inherited'
down into the Plone instance.... so at that point you were using the
ZMI 'http AUTH' method to authenticate (not cookies thats used in
Plone). But then you went BACK into the Plone instance, and tried to
log out there. <br>
<br>
What I tried earlier today was to log in to PLONE as my regular user,
log out, log into PLONE as the admin, log out.. .and it all kept
track of things fine.<br>
<br>
Try this: Fire up the browser from scratch. Go to the ZMI and log in
as admin. Then, up in the top right where it says 'Logged in as
ADMIN', and next to it is the pulldown that has 'Zope Quick Start'
highlighted.... pull down and select LOGOUT - you'll immediately be
presented with another Zope log in dialog box - hit CANCEL here, and
you'll then see 'logged out'. If you then go to the url of your plone
site 127.0.0.1:8080/<PloneSite> you'll see that you're
not logged in.<br>
<br>
r<br>
<br>
<br>
<br>
Dustin wrote:
<blockquote
cite="midPine.LNX.4.44.0507201517170.22350-100000@alice.wonderland.caltech.edu"
type="cite">
<pre wrap="">On Wed, 20 Jul 2005, Emerson, Tom wrote:
</pre>
<blockquote type="cite">
<pre wrap="">This is probably a "cookie" issue -- generally the server will issue you
a cookie stating "you're logged in", which your browser dutifully sends
on every subsequent request. When you "log out", theoretically the
server should send some directive to DELETE the cookie, but I don't
think there is such a directive to do this in the first place. Also,
since you indicate this "clears up" when you physically exit the
browser, it suggests that this is actually a "session temporary" cookie
(has an expiration time of -1, I believe) which the client might NOT be
"deleting" if the server does indeed have a way of saying "this cookie
has gone stale -- dump it"
</pre>
</blockquote>
<pre wrap=""><!---->
I thought so too, but on the other hand I cleared all cookies at one point
and was still logged in.
Dustin
</pre>
</blockquote>
</body>
</html>