If I connect to the WebGUI it asks for my username and password, which is fine.
but how do I log out of it?
Or will it do that automatically when I close the browser window?
i'm using ver. 1.42
Logout possible?
Re: Logout possible?
hey thr33face
its a good question and I was wondering about this feature
I am using version 1.34 and connecting to the webUI using firefox.
When I connect to the webUI it asks me for authentication. Closing the tab and reconnect again, I am still connected (cant logout)
When I restart firefox the authentication question comes again (seems it exits and reconnects to the webUI hopefully!!!!)
I am not a specialist in security issues
so ...
is there a need to have a "logout button" or something similar, or there is no need for it, by restarting the web browser?
I hope someone is gonna help us with this question
its a good question and I was wondering about this feature
I am using version 1.34 and connecting to the webUI using firefox.
When I connect to the webUI it asks me for authentication. Closing the tab and reconnect again, I am still connected (cant logout)
When I restart firefox the authentication question comes again (seems it exits and reconnects to the webUI hopefully!!!!)
I am not a specialist in security issues
so ...is there a need to have a "logout button" or something similar, or there is no need for it, by restarting the web browser?
I hope someone is gonna help us with this question
-
fschaeckermann
- Posts: 23
- Joined: Thu Feb 21, 2008 4:06 pm
- Location: Frankfurt/Main, Germany
Re: Logout possible?
With transmission there is no session management. Each request to the transmission server/daemon has to be authenticated. Using a browser that means each request has to include the authentication header or the response is going to be a "401 - Unauthorized" return code.
Once the browser gets that response it puts up the window to enter the user ID and password and then re-sends the request (now with the authentication header containing the user Id and the password in base64 encoding). If the user ID and/or password was wrong, transmission is going to answer with a 401 again and the "user ID and password window" is popping up again, giving you another chance to enter the right credentials.
If you did, everything is fine and transmission will send back the requested page.
From now on the browser is smart enough to remember the credentials that worked and sends the authentication header with each request saving you the work of re-entering the user ID and password for each access to the transmission server/daemon.
Therefore there can not be a logout button in the transmission web UI since transmission never really logs you in. The only way to loose those credentials and make the browser NOT send them automatically with each request is to restart the browser. Since those credentials are only stored in the browser's memory and not written to disk they get lost once the browser ends.
Regards, Frank
Once the browser gets that response it puts up the window to enter the user ID and password and then re-sends the request (now with the authentication header containing the user Id and the password in base64 encoding). If the user ID and/or password was wrong, transmission is going to answer with a 401 again and the "user ID and password window" is popping up again, giving you another chance to enter the right credentials.
If you did, everything is fine and transmission will send back the requested page.
From now on the browser is smart enough to remember the credentials that worked and sends the authentication header with each request saving you the work of re-entering the user ID and password for each access to the transmission server/daemon.
Therefore there can not be a logout button in the transmission web UI since transmission never really logs you in. The only way to loose those credentials and make the browser NOT send them automatically with each request is to restart the browser. Since those credentials are only stored in the browser's memory and not written to disk they get lost once the browser ends.
Regards, Frank
Re: Logout possible?
thank you very much Frank
it was very helpful and now I can understand the way webUI it works...
Alex
it was very helpful and now I can understand the way webUI it works...
Alex