[jboss-user] [Security & JAAS/JBoss] - Re: The neverending logout topic

sim-smith Mon, 23 Apr 2007 17:29:08 -0700

If you are interested, I have an app where this is all working.  I use 
FormAuthentication, and have a logout.jsp that we use for logging out:


<% 
// get the current subject and its context within the security realm
final javax.security.auth.Subject subject = (javax.security.auth.Subject) new 
javax.naming.InitialContext().lookup("java:comp/env/security/subject");
final javax.security.auth.login.LoginContext context = new 
javax.security.auth.login.LoginContext("security.realm", subject);

// logout the context and invalidate the session
context.logout();
request.getSession().invalidate();

// redirect back to the default page for the context path
response.sendRedirect(request.getContextPath() + "/");

%>


Hope this helps.

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4040058#4040058

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4040058
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Security & JAAS/JBoss] - Re: The neverending logout topic

Reply via email to