Can anyone suggest how I might implement a 'logout' facility by completely invalidating a users session within Flex?
>From what I can deduce, Flex initially passes the JSESSIONID through the flashproxy as a cookie, using it to construct the appropriate headers for the subsequent http call. With a _freshly_started_ server and a _new_browser_session_, this works great. However, when I call 'session.invalidate()' within a JSP page to force the user to re-authenticate themselves (which works), the flashproxy appears to hold both the original (now invalid) JSESSIONID and a new one. The upshot is that the main client session and the internal http connections are out of sync;ie not sharing the same session. This means that although the user is authenticated to view the flex client, none of the underlying service connections are authenticated. I've tried calling 'session.invalidate()' within an HTTPService call, and setting the 'JSESSION' cookie to immediately expire, but with no luck. Has anyone else run into this issue? Thanks, in advance. ...Col BTW, I'm using form based authentication against Tomcat 5.5. ------------------------ Yahoo! Groups Sponsor --------------------~--> <font face=arial size=-1><a href="http://us.ard.yahoo.com/SIG=12htsb4b3/M=362329.6886308.7839368.1510227/D=groups/S=1705007207:TM/Y=YAHOO/EXP=1124127141/A=2894321/R=0/SIG=11dvsfulr/*http://youthnoise.com/page.php?page_id=1992 ">Fair play? Video games influencing politics. Click and talk back!</a>.</font> --------------------------------------------------------------------~-> -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
