---

How do you make a TWiki logout page?

When many people successively use the same screen and are likely to use the same browser running without being closed down, it may be practical to be able to logout of TWiki.

Some hints: http://www.ssi-developer.net/htaccess/htaccess_logout.shtml

method: recommend that the user tries to access an inaccessible file

As of version twiki_20030201-1_all.deb, what worked for me (boud) is the following:

an inaccessible file

• ls -l /usr/lib/cgi-bin/twiki/logoutfile
  • -rwxr-xr-x 1 root root 0 Sep 23 14:52 /usr/lib/cgi-bin/twiki/logoutfile
  • an empty local file, local access doesn't matter
• more /usr/lib/cgi-bin/twiki/.htaccess
  • ...
  • <Files "logoutfile">
  • require user logoutuser
  • </Files>
  • only one very special user is allowed to access the file
• more /var/lib/twiki/data/.htpasswd
  • ...
  • logoutuser:logoutpass
  • In principle, if anyone can decrypt the string "logoutpass" (in principle, as far as apache is concerned, this is the crypted version of some existing password), he/she could log in as user logoutuser . However, it's very unlikely that this could be done, and even it could be, it wouldn't matter.
• the directories for Debian are probably different to standard - you have to sort this out for your system

explanation for the user

• info on LogoutPage, before accessing inaccesible file, so that the user understands what to do - with a link to the inaccessible file - it's probably important to have this wrapper page, since otherwise the user will not understand that clicking on cancel is what is expected.
• info on /var/lib/twiki/templates/oopsauth.tmpl, this is seen after accessing the inaccessible file and clicking on cancel - someone can reach this page for different reasons, it's probably important that the user has this feedback

---

see also: TWiki:Codev.HowToMakeATWikiLogoutPage, TWiki:Codev.UsabilityIdeas#obvious_login_logout_mechanism