[jboss-user] [Security & JAAS/JBoss] - Will logging out from JOSSO invalidate the application sessi
pmohanan
do-not-reply at jboss.com
Mon Oct 15 17:37:09 EDT 2007
Hi..All,
We integrated the JOSSO with our applications & it is working fine in terms of authenticating the user for all the registered applications.
The question I have is that once the user logs out using the Josso logout component, will it invalidate the application session too?
Here is the situation :
1. User "ABC" opens a new browser, logs in, the application gets user id & instantiates the user bean.
2. User "ABC" logouts & now user "XYZ" logs in from the same browser (without closing the earlier one) & as the application session is still active, I see the user bean still displaying "ABC" instead of "XYZ".
Regards,
P
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4095418#4095418
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4095418
More information about the jboss-user
mailing list