I am using a customized login page for my application. I is perfectly checks the authentication.
my first question is how would I know that which type of login authentication I am using (i.e Basic or session). I know it is very stupid question but even.
Then next
using following code I logout from the application
It is successfully logged out, but If i click on the Back button of the browser it is still showing the previous page with logged in user as Anonymous.
I gave “Anonymous” has Depositior rights with Read/write public document. because without giving this right, the agent is not working.
Is it correct way or not. How can I restrict user for such type of operation?
I also want to restict user that if he/she open the database using bookmark, it must ask for authentication?
Actually, I am very new kid in Domino web that’s why I am facing such type of problem. Please excuse me and help me to clear my doubts
Subject: How can I recognize Login Authentication method
Technically, the “Session authentication” setting on the Domino Web Engine tab (either in the server document, or in the web site document, if those are used) determines whether forms based or simple authentication will be use. If session authentication is disabled, the browser will use simple authentication.
If a link ending in &login or simply accessing a restricted resource results in a browser pop-up window for user name and password, the browser will attempt simple authentication. Whenever a login form is displayed (either customized or the standard one), forms based authentication is used. You can also set your browser to ask you for each cookie to be set (as will be used with with session authentication enabled). Finally, you can use a HTTP header sniffer (like LiveHTTPHeaders for Mozilla based browsers) to see the difference: With simple authentication, your user name and password are transmitted with each request in base64 encoded format.
If clicking the back button takes you back to the page displayed before after logging out, you are probably using Firefox (or maybe Opera?). Firefox keeps a rendered version of the site in its cache, and that’s what is displayed, a cached version of the page. The only way around it, that I’m aware of, is to instruct the user to close the browser window. Closing the window using JavaScript would require a signed script, if I remember right.