Is it possible to log out user from a web site if he is using basic authentication?
Killing session is not enough, since, once user is authenticated, each request contains login info, so user is automatically logged in next time he/she access the site using the same credentials.
The only solution so far is to close browser, but that's not acceptable from the usability standpoint.
Have the user click on a link to https://log:[email protected]/. That will overwrite existing credentials with invalid ones; logging them out.