Aleksei Valikov wrote: > Hi. > >> There's a LogoutFilter in 1.0+ >> >> http://www.acegisecurity.org/multiproject/acegi-security/apidocs/org/acegisecurity/ui/logout/LogoutFilter.html > > Of course it is there, but it does not invalidate session on logout per > default. > Doing something on logout is the task of the LogoutHandlers invoked by the > filter. > > What I'm proposing is just an implementation of the LogoutHandler that > invalidates the session. I think this is basic functionality and should be > included into ACEGI.
Hi Lexi Yes, I have already received requested from people off-list about this and agree it is reasonable to include in core. Please feel free to log it into JIRA and I will do so. It should be configurable, as sometimes a logout might need to leave the session intact. Thanks Ben ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
