Hi.
I have the same problem.
I'm trying to code a logout function for my web application.
That is, I have a FORM authentication and when I have a user validated, I want
to code a logout function.
But if I try to make a Session.invalidate() after a user has been validated, it
doesn't work,
what do you mean with deleting users from the database?
Do I have to delete the proncipals from the subject?
If yes is it safe to get the subject using SecurityAssociation.getSubject()?
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3836656#3836656
Reply to
Are you using FORM or BASIC web authentication? Session.invalidate() only works with
FORM login.
When deleting users from the database, you'll need to flush the authentication cache.
Search the forum for details on that.
View the original post :