You're saying it should call login() and then immediately logout() on the first HTTP request??????????
That would be bizarre. I want to log out when then hit the logout link. Anyway, it's not diong that - it's never getting into my LoginModule's logout() method. The login() is being called fine, and I'm connecting to the backend server, caching the connection in the session, and the webapp then uses that. When they hit the logout link though, it does a session.invalidate(), and no logout() is called, and the connection to the backend server stays open, and consumes a licence seat (It's HORRIBLE legacy stuff, and that's how they're clinging to viability - licencing!) Now I could do the processing myself, but what if there were more login modules stacked up (as they may well be with JAAS authentication). It may be that more logout() methods in other modules may need to be called. The container must have some way of doing this! We need access to the LoginContext used by the container at authentication time! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3913573#3913573 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3913573 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
