Hi Sohil Thanks for your response
I cross checked it twice and started fresh after deleting all the cookies, here is what I found out about cookies 1) Application after I log in I can see one cookie for my domain "token" 2) Now from same browser I go to Applicatiob B, automatically gets log into the Application B and cookie is still "token" for my domain 3)I logout from application B and after that "token" cookie is deleted under the domain. 4)I go back to application A and again I automatically log in and this time I again see the "token" cookie for my domain 5)I go back to Application B and again I gets logged in automatically, token cookie is regenerated Note: All above steps are done with 5 sec delay Now 6) On Application B I logout (In logs I can see I am calling session.invalidate() and after that request.getuserprincipal becomes null), After logging out,Now token cookie is deleted from browser. I again type the logout URL on browser for application B and send the page again to logout page i.e I did logout for 2 times 7) Now I go back to Application A and now I see 'SSO Logout...' message on screen, (I beleive that this message is internal as I am not printing it anywhere) and after that my logout page of application A is called. So I am sure that I have to do logout twice and then only I log out from all partner applications. Waiting for your response Regards Nipun View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3985947#3985947 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3985947 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
