It seems I am invalidating another servlet than the one which authenticated
the webapp. This confusion is because I am using Google Web Toolkit
application template which not just a plain servlet application.
I am now trying to invalidate all the sessions by calling
HttpSession.logout(). I can see
2012/6/20 javed Ansari javid@gmail.com:
It seems I am invalidating another servlet than the one which authenticated
the webapp. This confusion is because I am using Google Web Toolkit
application template which not just a plain servlet application.
I am now trying to invalidate all the
These settings I already have.
Does that mean logout has been removed from the Servlet 3.0.
The book I am referring uses servlet 2.0. Can anybody confirm this?
On Wed, Jun 20, 2012 at 12:44 PM, Konstantin Kolinko knst.koli...@gmail.com
wrote:
2012/6/20 javed Ansari javid@gmail.com:
It
This logout function was added in Servlet Spec 2.4
http://mail-archives.apache.org/mod_mbox/tomcat-dev/200208.mbox/%3c1029034964.4749.754.ca...@hue.jadn.com%3E
But even after pointing to Dynamic web module 2.4, and Tomcat 7.0, I am not
able to access that API.
Regards,
Javed
On Wed, Jun 20, 2012
The HttpServletRequest.logout function was added in Servlet 3.0. I don't
know what your citation is talking about but there is no
HttpSession.logout() method in the Servlet Specification 2.4 or anywhere
else.
EJP
-Original Message-
From: javed Ansari [mailto:javid@gmail.com]
Sent:
Hi,
But how to call the logout on my LoginModule? That is my actual question. I
do not have a LoginModule object with me. LoginModule is called by tomcat
himself when we use Form Based Authentication.
=
Javed
Just call
Den 19-06-2012 08:41, javed Ansari skrev:
Hi,
But how to call the logout on my LoginModule? That is my actual question. I
do not have a LoginModule object with me. LoginModule is called by tomcat
himself when we use Form Based Authentication.
Read what EJP said again. When you call
Hmmm,
By Session I assume you mean HttpSession. I have below code in the doPost
of the Login click.
HttpSession session = req.getSession();
session.invalidate();
And then I am redirecting to Login page.
Next when I try to login in the same browser session, it shows an error
(error code 408)
Javed
I don't know why you are invalidating the session when you log *in.* I said
to invalidate it to log *out*.
EJP
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail:
Ooops, I could not explain. Sorry for mess...
I am invalidating in logout only **not** in login.
Once I click on logout, I invalidate. Then I redirect to login page. Then
if I try to login again the foresaid error comes (error code 408).
On Wed, Jun 20, 2012 at 5:22 AM, Esmond Pitt
Ok let me try this. But in any case once I call invalidate the JAASRealm
should automatically call the LoginModule.logout(). But my log suggest that
this is not happening.
On Wed, Jun 20, 2012 at 10:07 AM, Esmond Pitt esmond.p...@bigpond.comwrote:
**
You must never redirect to the login page:
Hi,
Thanks for the help so far.
Now my login implementation is working. I added a context.xml file in the
META-INF folder and now those two classes are being loaded. good so far.
Now I want to implement LOGOUT. For this I have a hyperlink named logout
on every page. By clicking on that I suppose
Javed
Just call Session.invalidate() or HttpServletRequest.logout(). The JAASRealm
will do the rest, and call logout() on your LoginModule. Note that you can't
assume it is the same instance of your login module, that's what all the
shared state is for.
EJP
Hi,
Those two classes are created by myself. They implement
java.security.Principal interface in order to hookup JAASRealm in tomcat.
I have attached the classes. Please rename the smarts_zip to smarts.zip
after downloading.
Following are the entries in red color for this in the server.xml file
javed ansari wrote:
Hi,
Those two classes are created by myself. They implement
java.security.Principal interface in order to hookup JAASRealm in tomcat.
I have attached the classes. Please rename the smarts_zip to smarts.zip
after downloading.
This list strips most attachments. Yours appears
From: javed ansari javed@gmail.com
To: users@tomcat.apache.org
Sent: Thursday, June 14, 2012 12:06 AM
Subject: Re: Apache tomcat (7.0.27) is not loading the user and role class for
JAASRealm
Hi,
Those two classes are created by myself. They implement
I am creating a website and implement security. For this I am using Form
based authentication and JAASRealm. I have implemented the login module and
able to authenticate but while authorizing tomcat is not able to load the
user and role classes once I start the tomcat server.
It gives the
- Original Message -
I am creating a website and implement security. For this I am using
Form
based authentication and JAASRealm. I have implemented the login
module and
able to authenticate but while authorizing tomcat is not able to load
the
user and role classes once I start the
- Original Message -
From: Daniel Mikusa dmik...@vmware.com
To: Tomcat Users List users@tomcat.apache.org
Cc:
Sent: Wednesday, June 13, 2012 6:25 AM
Subject: Re: Apache tomcat (7.0.27) is not loading the user and role class
for JAASRealm
- Original Message -
I am
19 matches
Mail list logo