Managing Logout with Basic Authentication and PAM

This might be a naïve question as I lack the expertise on HTTP.

I have deployed an instance with ood configured to authenticate users based on basic authentication (PAM). Everything works smoothly but the logout is causing me some headaches for my use case (possible shared computers). The logout mechanism asks the users to close the browser, even restarting for a complete logout (as otherwise cookies are not eliminated).

Is there any way to force this without the user having to restart the browser? I fear users logout and leave the place without realising this message and a second user might come and work with previous user credentials.

Thanks a lot!

Hi and welcome @Juanjdurillo!

You may find this useful, but I’m thinking you’d have to write your own logout page that does this?

Are there other auth systems you could tie into like your campus’? You’re sharing computers, but are the users sharing deskop sessions? I mean they would have to login to the computer first and get a distinct session right? In any case, I’d recommend trying to tie into another auth system, especially if logout is a requirement (as it seems to be).

Thanks a lot! I’d try with the first as we are still setting up a different identity provider.