15 Jan
2013
15 Jan
'13
9:06 a.m.
I believe that's impossible. From https://en.wikipedia.org/wiki/Basic_access_authentication#Disadvantages "Existing browsers retain authentication information until the tab or browser is closed or the user clears the history.[1] HTTP does not provide a method for a server to direct clients to discard these cached credentials. This means that there is no effective way for a server to "log out" the user without changing the realm periodically, directing the user to close the browser, or using sessions in the URL." [1] http://www.tolaris.com/2009/09/08/logging-out-of-http-auth-with-firefox/