Um not an IBM extension. The servlet spec has session.invalidate() which works with form authentication but just dumps the session cache but not the authentication (which sits in the browser)
I'm talking about invalidating the authentication, not the servlet session.
WebSphere's authentication does not make any use of the servlet session. They are separate things.
_______________________________________________ Juglist mailing list [EMAIL PROTECTED] http://trijug.org/mailman/listinfo/juglist_trijug.org
