Re: logout when already logged out

[kevin mcgowan <clunis@xxxxxxxxx>]

Yeah, I've wondered about this a few times myself and have been meaning 
to talk to our usability folks about it.  I'm uncomfortable with silent 
failure, but in this case I think it is utterly reasonable.  Anyone 
have any objections to my changing the code such that logout tells the 
user everything succeeded even if it didn't but logs any strange errors 
for admin perusal?

The vast majority of these cases will be that the user was not logged 
in.  Other possible errors (permission denied by cosignd, couldn't 
contact cosignd, etc.) aren't really anything the user can do anything 
about.  As long as the cosign cookie has been nullified & expired in 
his/her browser everything will behave properly.

Kevin

On Jun 28, 2004, at 9:36 AM, Phil Pishioneri wrote:

> During a discussion with one of our graphic folks who is working on 
> our customized pages, an interesting point came up:
>
> When one is sitting on the verify logout page, and logs out elsewhere 
> (either a time-out, or by manually going through logout in another 
> window), and then attempts to logout of the first page, you get an 
> error page with the message
>
> > Logout failed. Perhaps you were not logged-in?
>
>
> While true at one level, is it really a problem?
>
> If you are actually logged out (vs. some internal problem preventing 
> logouts), mightn't it be less confusing for the client if the code 
> just redirected back to the main page (as it does for a successful 
> logout)?
>
> -Phil
>
>
> !DSPAM:40e01f9c280302022323458!

                                      ... "In, as you say, the mud." ...