Yes, I would use an Interceptor instead, but yes that's the idea. I remember doing the same thing, but started by testing if a security context already available, then logout (should not be the case, but). Then try, finally with a logout.
JLouis -- Jean-Louis Monteiro http://twitter.com/jlouismonteiro http://www.tomitribe.com On Fri, May 23, 2014 at 8:22 PM, hwaastad <[email protected]> wrote: > I tested from source now and it seems to be working nicely. Thanks Romain > and > JL! > > Regarding logout, > My real application does not have a web frontend. It was just for testing. > > what I meant was that I'm not sure how to logout a web service client > session after a method call. > > Maybe I can do something like this: > > @Resource > WebServiceContext wsContext; > > @Override > public int multiply(int mul1, int mul2) { > MessageContext msgCtxt = wsContext.getMessageContext(); > HttpServletRequest req = (HttpServletRequest) > msgCtxt.get(MessageContext.SERVLET_REQUEST); > registerServiceLocal.doPrivilegedStuff(); > LOG.info("Logging out before return..."); > try { > req.logout(); > } catch (ServletException ex) { > LOG.error("failure Logging out: {}", ex.getMessage()); > } > return mul1 * mul2; > } > > > > -- > View this message in context: > http://openejb.979440.n4.nabble.com/Asynchronous-principal-propagation-tp4669547p4669619.html > Sent from the OpenEJB User mailing list archive at Nabble.com. >
