HTTP Authentication Digest – effective logout action
If you use Digest Access Authentication you have probably run into the problem of making logout actually take effect: the browser keeps resending the cached Authorization header. I solved this with the nonce timeout option. My solution is as follows:
MVC logout action:
public function logoutAction()
{
    // Mark the session so that the next login request uses a very short nonce timeout.
    $YourSessionObject->ForceLogout(true);
    // The rendered page should contain an automatic redirect to the /auth/login action,
    // e.g. <meta http-equiv="refresh" content="2;url=http://domain/auth/login">
    $this->Render();
}
MVC login action:
public function loginAction()
{
    $timeout = 3600;                       // normal nonce lifetime in seconds
    if ($YourSessionObject->IsForcedLogout()) {
        $timeout = 1;                      // expire the previously issued nonce almost immediately
        $YourSessionObject->ForceLogout(false);
    }
    // Config for Zend Framework HTTP auth (passed to Zend_Auth_Adapter_Http).
    $config = array(
        'accept_schemes' => 'digest',
        'realm'          => Zend_Registry::get('realm'),
        'digest_domains' => '/',
        /* IMPORTANT CHANGE */
        'nonce_timeout'  => $timeout,
    );
}
With the one-second nonce timeout, the nonce in the browser's previously cached Authorization header is no longer valid, so the HTTP server rejects it and the browser has to prompt for fresh credentials.
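To show why lowering nonce_timeout does the job, here is an added example (not code from this post and not Zend Framework's implementation) that models a time-stamped, HMAC-signed nonce together with the forced-logout flag from the actions above; the secret key, the user agent and the session dictionary are constructed for the demo.

```python
import hashlib
import hmac

# Constructed demo key; a real server would load a random secret at startup.
SERVER_SECRET = b"constructed-demo-secret"
# Stands in for the page's $YourSessionObject (constructed).
SESSION = {"forced_logout": False}


def issue_nonce(now: int, user_agent: str) -> str:
    """Build a nonce that carries its issue time plus an HMAC so it cannot be forged."""
    tag = hmac.new(SERVER_SECRET, f"{now}:{user_agent}".encode(), hashlib.sha256).hexdigest()
    return f"{now:x}:{tag}"


def nonce_is_fresh(nonce: str, now: int, timeout: int, user_agent: str) -> bool:
    """Accept the nonce only if its HMAC verifies and it is younger than `timeout` seconds."""
    try:
        issued_hex, tag = nonce.split(":", 1)
        issued = int(issued_hex, 16)
    except ValueError:
        return False
    expected = hmac.new(SERVER_SECRET, f"{issued}:{user_agent}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return False
    return 0 <= now - issued < timeout


def logout_action() -> None:
    """Mirror of logoutAction: remember that the next login must expire the old nonce."""
    SESSION["forced_logout"] = True


def nonce_timeout_for_login() -> int:
    """Mirror of loginAction: 1 s right after a forced logout, otherwise 3600 s."""
    if SESSION["forced_logout"]:
        SESSION["forced_logout"] = False
        return 1
    return 3600


def login_action(client_nonce, now: int, user_agent: str):
    """Return (200, nonce) if the presented nonce is still valid, else (401, fresh nonce)."""
    timeout = nonce_timeout_for_login()
    if client_nonce is not None and nonce_is_fresh(client_nonce, now, timeout, user_agent):
        return 200, client_nonce
    # A nonce older than `timeout` seconds is rejected and a new one is challenged.
    return 401, issue_nonce(now, user_agent)
```

The 401 is modelled without the stale=true parameter: RFC 2617 allows a client that sees stale=true to retry with cached credentials, so a challenge that signals staleness would not force the fresh prompt this post relies on.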