1 Reply Latest reply on Jan 5, 2002 9:15 PM by luke_t

logging out in FORM based authentication

rgsuresh Jan 3, 2002 11:26 AM

Hi all
I have a web-app which uses FORM based authentication with DataBaseServerLoginModule. It works fine and the users are getting authenticated. When a user clicks a logout button, a logout JSP page is called and it has

session.invalidate()
response.sendRedirect(<protected resource>)

this calls again some times the login page and sometimes a page inside protected area without authentication.
Also we are able to see the previous page before logout by clicking Browser back button.
Is the session properly invalidated or JBoss has any other method to accomplish this

Thanks in advance
Suresh

1. Re: logging out in FORM based authentication

luke_t Jan 5, 2002 9:15 PM (in response to rgsuresh)

Hi,

You don't say what version, or what web container you are using...

Are you sure the pages aren't being cached in your browser? Have you set the appropriate headers to prevent this?

Luke.
Actions