Thanks, I check immidiately. I guess you are correct (would be foolish to say something else :-)), however in my real application, the secure access is being made from a web service client. Not quite sure how to force logout. Maybe another login strategy?
br hw -- View this message in context: http://openejb.979440.n4.nabble.com/Asynchronous-principal-propagation-tp4669547p4669591.html Sent from the OpenEJB User mailing list archive at Nabble.com.
