[jboss-user] [Security & JAAS/JBoss] - Re: The neverending logout topic
nollie
do-not-reply at jboss.com
Mon Apr 23 17:41:37 EDT 2007
Gentlemen
I'm very interested in the issue of logging out as well. I have read many articles on the subject and nothing has worked so far.
I'm authenticating with org.jboss.security.auth.spi.LdapExtLoginModule by redirecting users to /auth/portal/myPortal/myPage. This is working well. I have tried to invalidate the HttpSession and the PortletSession, but neither is working. I have my browsers configured to never save passwords for my dev site, so I'm not sure how they are automatically logging the user back in. Furthermore, invalidating my session is not erasing variables that my portlets have stored in the session - something I will post on another topic, but seemingly associated with my authenticated 'flag' not being reset.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4040030#4040030
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4040030
More information about the jboss-user
mailing list