Hello,
We are using Turbine with Velocity, Javascript and Java and Tomcat 7 as our
server. I have a use case where the session needs to be invalidated after a
user logs in. The things that I tried are:
* Tomcat7 by default has it turned on, but it does not work. We have another
system with Spring instead. That generates a new jsessionid without any
issues.
* I tried the following code just before the user gets authenticated via:
TurbineSecurity.getAuthenticatedUser(username, password);
my code:
HttpSession session = data.getRequest().getSession(false);
if (session!=null && !session.isNew()) {
session.invalidate();
}
data.getRequest().getSession(true);
this does not work. I still get the same sessionid.
I also tried:
data.getSession().invalidate(), but that too does not seem to work.
Any pointers or inputs are greatly appreciated.
thanks in advance,
Asha
--
View this message in context:
http://old.nabble.com/session.invalidate-not-working-tp34180666p34180666.html
Sent from the Turbine - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
