Antonio Villafana wrote:
> Hi everyone,Here is my question........ How can I force a log-on
> using HTTP authentication in my servlet. Currently, if a user logs off
> and tries to log on immediately after, he/she is not presented with
> the authentication dialog. I am using
> the<resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED) to capture
> usernname and password if initial try is invalid. Also, shouldn't
> <session.invalidate> destroy that session immediately?I'm using
> ServletExec.......with Apache. Code Snippet for session
> invalidation: HttpSession session = req.getSession(true);
> if (session != null) {
> HttpSessionContext context = session.getSessionContext();
> HttpSession curSession = context.getSession("Login.User");
> if (curSession != null) curSession.invalidate();
> } Any Suggestions.....Antonio
One thing to note is that HttpSessionContext was deprecated in version
2.1 of the API, and you won't be able to use it. If all you want to do
is invalidate the current session, just do this:
HttpSession session = req.getSession(false);
if (session != null)
session.invalidate();
Craig McClanahan
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
