note httpauth weirdness

author: http://smcv.pseudorandom.co.uk/ <smcv@web> 2014-02-18 11:08:28 -0400
committer: admin <admin@branchable.com> 2014-02-18 11:08:28 -0400
commit: 665f32302f80265e29ed0f8f850dabfc3dc1f07d (patch)
tree: 4978f32577951964456352a05bc2475017ea0342 /doc
parent: 442c53fc2da9eadd30dad74231815569f8ca2fbf (diff)
download: ikiwiki-665f32302f80265e29ed0f8f850dabfc3dc1f07d.tar
ikiwiki-665f32302f80265e29ed0f8f850dabfc3dc1f07d.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/forum/How_can_I_invert_the_banned__95__user_check__63__.mdwn b/doc/forum/How_can_I_invert_the_banned__95__user_check__63__.mdwn
index d53a78682..2436b2e56 100644
--- a/doc/forum/How_can_I_invert_the_banned__95__user_check__63__.mdwn
+++ b/doc/forum/How_can_I_invert_the_banned__95__user_check__63__.mdwn
@@ -26,3 +26,8 @@ PS: the user is authenticated via 'httpauth', would that make a difference?
 > --[[smcv]]
 
 >> That was my initial setup but it wasn't working and I got caught-up on the `banned_user` idea.  It would seem I was getting tricked by some credential-caching-weirdness.  Fired up another browser and `locked_pages` works perfectly.  Thanks.  -- fergus
+
+>>> Browsers generally remember HTTP auth credentials until they're closed
+>>> or get a 401 error, and don't generally have a way to "log out".
+>>> As far as I'm aware, there's nothing that [[plugins/httpauth]] can
+>>> do about that. --[[smcv]]
author	http://smcv.pseudorandom.co.uk/ <smcv@web>	2014-02-18 11:08:28 -0400
committer	admin <admin@branchable.com>	2014-02-18 11:08:28 -0400
commit	665f32302f80265e29ed0f8f850dabfc3dc1f07d (patch)
tree	4978f32577951964456352a05bc2475017ea0342 /doc
parent	442c53fc2da9eadd30dad74231815569f8ca2fbf (diff)
download	ikiwiki-665f32302f80265e29ed0f8f850dabfc3dc1f07d.tar ikiwiki-665f32302f80265e29ed0f8f850dabfc3dc1f07d.tar.gz