The limitations (can't see safe content, can't logout) are only true with .htaccess based HTTP Auth. But if you implement it in PHP instead, you should be able to accomplish both those things using session vars.