Hi all, I have a webapp (Tomcat 4.1.24) that has a set of jsp's in a protected directoy. The user login is using form based authentication with a memoryRealm. This is all working fine.
I am now trying to create a logout button. I have checked the archives and found a number of threads on this issue. The advise seems to be: * invalidate the session using session.invalidate(); * send an error code using response.sendError(response.SC_UNAUTHORIZED, 'Logged out'); * make usre that the page is not cached using: <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> I have tried all of these and it still does not seem to work. After clicking the logout button, I can still view the pages in the protected directory. My button looks like this: <input type="submit" name="id0" value="Logout" onclick="session.invalidate();response.sendError(response.SC_UNAUTHORIZED, 'Logged out');" > Thanks for any help that you can give me... Patrick --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
