Well, there's still the problem if the web app not having access to the LoginContext created by the container's authentication process so that it can explicitly log out.
This is another glaring omission for which there must be a solution somewhere. How does anyone ever log out of JAAS-secured web apps under JBoss? Also, the questions about why the user principal has to be a org.jboss.security.SimplePrincipal. Why? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3913543#3913543 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3913543 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
