When a user logs out of our JBoss Portal application he is sent to a portal page that
contains a logout portlet whose processAction() method calls
JBossActionResponse.signout("/home").
This works quite well when our users log in through our normal JSP form mechanism.
However, the registration wizard of our website uses the new
org.jboss.web.tomcat.security.login.WebAuthentication class to programatically log users
in, such that they do not have to re-login once they have created the username and
password.
The problem we have is when the programatically signed in members try to log out using the
JBossActionResponse.signout() method. In looking at the code for this method, it is
checking that the AUTH_TYPE of the portlet request is set to "FORM" and throwing
an exception if it is not. When we programatically sign in using the WebAuthentication
class, the AUTH_TYPE is set to "PROGRAMMATIC_WEB_LOGIN", and thus we get the
exception.
My question is why this AUTH_TYPE check exists in the signout() method, and if anyone
knows a way around it using the programmatic login.
Thanks,
Ted
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4085597#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...