Users seem to have a hard-time login out of applications using basic authentication. This is not surprising as basic auth don't provision for a logout mechanism.
Some hacks are possible though and we should be able to do a best-effort logout in our BasicAuthentication security provider.
In Firefox we can use synchronous AJAX to send false credentials.
In Chrome, I don't think we can do anything.
At last, if a logout trick is not possible in the current browser, we should display a message to the user to close its browser for full logout (modal or something).
Users seem to have a hard-time login out of applications using basic authentication. This is not surprising as basic auth don't provision for a logout mechanism.
Some hacks are possible though and we should be able to do a best-effort logout in our BasicAuthentication security provider.
We could make this work easily in IE/Edge:
In Firefox we can use synchronous AJAX to send false credentials. In Chrome, I don't think we can do anything.
At last, if a logout trick is not possible in the current browser, we should display a message to the user to close its browser for full logout (modal or something).