Hello,
I have a series of web sites which use https:// authentication (using AD
integration to 'check the credentials' as it were) - all seems to be working
well...
I have been Googling et al. for a way to log the user off the site
"fully"...
I can do a series of things on the server side per Dreamweaver's Server
Behaviour / User Authentication | Log Out User, etc - but the client's
browser cache (?) still keeps the credentials, and so if they return to the
site (say, with their back button) they can get right back in... the only
sure fire way that I can see, simply, is to close and reopen the browser.
Any thoughts on how to clear the user's browser's cache of a https:// site's credentials and then send them on to a non-secure page?
I thought of:
a.. closing and reopening the browser with some JS, if this is indeed
possible - buT I would need to somehow keep track of what other pages the
user had open, their security settings might now allow it, the user would
likely get annoyed (!), etc, etc
b.. "forcing" a 401 or 403 - but my attempts at 'coding' this were
unsuccessful - and also how do you get the page to redirect on to something
like www.adobe.com or something (because seeing a 403 'standard page
message' would likely be "alarming" to the average user
c.. I have some code in ASP that will do this, but the user would be have
to be limited to using Internet Destroyer - ugh! :-)
Thanks In Advance:
GREG...
Note: cross-posted to the JavaScript in case this is better solved using that, being client side and all... trust this is OK etiquette?