3 Replies Latest reply on Oct 19, 2005 3:12 PM by brian.stansberry

getting LoginContext after form based authentication

martin0 Feb 27, 2004 7:49 AM

I hope this has a simple answer....

I've got a web application and authenticate users with form based jass authentication.

When I want to log them out, I believe I need the LoginContext with which they were logged in. How do I get that? I don't see any obvious methods like request.getLoginContext() some such function.

TIA
Martin

1. Re: getting LoginContext after form based authentication

martin0 Feb 27, 2004 8:08 AM (in response to martin0)

okay session.invalidate seems to do the trick
Actions
2. Re: getting LoginContext after form based authentication

silviu.marcu Oct 19, 2005 3:07 PM (in response to martin0)

the session invalidate does not work for BASIC type jass security...
Actions
3. Re: getting LoginContext after form based authentication

brian.stansberry Oct 19, 2005 3:12 PM (in response to martin0)

HttpSession.invalidate() does kill the session on the server side. However, the browser caches the BASIC authentication credentials and will continue to present them to the server for the life of the browser session. When this happens, the user is reauthenticated on the server side, but it's all transparent to the user.
Actions

Go to original post