2 Replies Latest reply on Sep 21, 2007 5:38 PM by cristant

    "Cannot perform programmatic signout" exception

    tucano
    tucano Sep 18, 2007 12:27 PM

      When a user logs out of our JBoss Portal application he is sent to a portal page that contains a logout portlet whose processAction() method calls JBossActionResponse.signout("/home").

      This works quite well when our users log in through our normal JSP form mechanism. However, the registration wizard of our website uses the new org.jboss.web.tomcat.security.login.WebAuthentication class to programatically log users in, such that they do not have to re-login once they have created the username and password.

      The problem we have is when the programatically signed in members try to log out using the JBossActionResponse.signout() method. In looking at the code for this method, it is checking that the AUTH_TYPE of the portlet request is set to "FORM" and throwing an exception if it is not. When we programatically sign in using the WebAuthentication class, the AUTH_TYPE is set to "PROGRAMMATIC_WEB_LOGIN", and thus we get the exception.

      My question is why this AUTH_TYPE check exists in the signout() method, and if anyone knows a way around it using the programmatic login.

      Thanks,
      Ted

      • 1890 Views
      • Tags:
        • 1. Re:
          cristant
          cristant Sep 21, 2007 5:03 PM (in response to tucano)

          I'm seeing this same behavior using the WebAuthentication object from a test WAR. I have even tried signing off using the logoff() method of the WebAuthentication and the logout is not actually working.

          ~Matt

            • Actions
          • 2. Re:
            cristant
            cristant Sep 21, 2007 5:38 PM (in response to tucano)

            I entered this as a bug in the JIRA system here http://jira.jboss.com/jira/browse/JBAS-4747. Feel free to add any more information to it if you have any.

            Thanks,
            ~Matt

              • Actions