This content has been marked as final.
Show 3 replies
-
1. Re: getting LoginContext after form based authentication
martin0 Feb 27, 2004 8:08 AM (in response to martin0)okay session.invalidate seems to do the trick
-
2. Re: getting LoginContext after form based authentication
silviu.marcu Oct 19, 2005 3:07 PM (in response to martin0)the session invalidate does not work for BASIC type jass security...
-
3. Re: getting LoginContext after form based authentication
brian.stansberry Oct 19, 2005 3:12 PM (in response to martin0)HttpSession.invalidate() does kill the session on the server side. However, the browser caches the BASIC authentication credentials and will continue to present them to the server for the life of the browser session. When this happens, the user is reauthenticated on the server side, but it's all transparent to the user.