Hello all! This is an interesting question indeed! And if you allow me to, I will ask one more question:
if we use form-based anthentication, how do we log out in this case? Is invalidating the session what 'logs us out' if we use form-based authentication in the general case? RL> I have recently been able to configure my web.xml file and all to use HTTP RL> Basic Authentication, and it all works fine.. However, it seems that the RL> only way I can "log out" to insert a different username/password is to exit RL> my web browser and then restart it. Is there some way that I can manually RL> "invalidate" the current authenticated session from within my java servlets? RL> For example with HttpSession objects there is a simple invalidate() method RL> that will invalidate that session object. Is there something similar for RL> HTTP Basic Authentication? Thanks!! ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
