IIRC.... with basic auth logout should happen on every request with form auth logout should happen when the session expires.
A servlet filter should not be necessary, however until the bug is fixed that's the best solution. This is a pretty big problem, hopefully now that you've reminded me of it I can fix it.... thanks david jencks On Jun 6, 2011, at 10:57 PM, Adrie de Heer wrote: > After further investigation I discovered that (due to the fact that the > logout method isn't called) Geronimo is leaking memory in the ContextManager > (subjectContexts map). Newly created subjects aren't unregistered. This > looks like the issue reported in GERONIMO-5800. > When I add a servlet filter which unregisters the subject as described in > the jira the leak disappears. > Is this the way to go forward or are there other/better solutions? > > Regards, > Adrie > > -- > View this message in context: > http://apache-geronimo.328035.n3.nabble.com/Logout-method-of-custom-login-module-never-called-tp3019593p3033324.html > Sent from the Users mailing list archive at Nabble.com.
