[jboss-user] [Security & JAAS/JBoss] - Re: The neverending logout topic
sim-smith
do-not-reply at jboss.com
Mon Apr 23 20:28:30 EDT 2007
If you are interested, I have an app where this is all working. I use FormAuthentication, and have a logout.jsp that we use for logging out:
<%
// get the current subject and its context within the security realm
final javax.security.auth.Subject subject = (javax.security.auth.Subject) new javax.naming.InitialContext().lookup("java:comp/env/security/subject");
final javax.security.auth.login.LoginContext context = new javax.security.auth.login.LoginContext("security.realm", subject);
// logout the context and invalidate the session
context.logout();
request.getSession().invalidate();
// redirect back to the default page for the context path
response.sendRedirect(request.getContextPath() + "/");
%>
Hope this helps.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4040058#4040058
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4040058
More information about the jboss-user
mailing list