Well, the established fashion is a login form right in the page. I think there are many users who are confused by the standard HTTP auth box (those dialogs being ugly doesn't help, and the Firefox one is the worst-looking of the bunch).

It wouldn't be hard to extend HTML in order to support HTTP-auth (digest auth) via normal forms. The logout-button feature would be a natural addition as well. Think along the lines of a javascript call or a magic form-target.

This is just one of the many failures of the W3C.

Authentication is at the core of every webapp, browsers already support a strong mechanism - but with interface issues so severe that everybody prefers to invent their own.

The fix outlined above could be specified in a week and implemented in another. In W3C terms that translates to: 1-2 decades.