-
1. Re: Global logoff
ebephil Sep 10, 2009 3:57 AM (in response to dawebster)Without ever having done anything like it, two ideas come to my mind.
First would be SingleSignOn, but that requires modifications on all containers, which is probably not what you want.
The second, and maybe more practical approach would be InterPortletCommunication via PortletEvents as described in the docs (http://docs.jboss.com/jbportal/v2.7.1/referenceGuide/html/portalapi.html#d0e7108). Once you receive a certain event, your portlets could invalidate their corresponding session.
Maybe it helps :)
Regards
Phil -
2. Re: Global logoff
dawebster Sep 10, 2009 10:08 AM (in response to dawebster)Thanks, that helps. I was thinking there might be some sort of JSR186/268 type mechanism to assist with that.
-
3. Re: Global logoff
ebephil Sep 11, 2009 7:58 AM (in response to dawebster)None that I know of, but then again, I never had a problem like that.
JSR-286 however has a standardized event mechanism (Ch.15, Coordination between portlets), although I haven't read the spec yet (sticking with JSR-168). -
4. Re: Global logoff
apemberton Sep 16, 2009 8:16 AM (in response to dawebster)We've enabled Tomcat's SSO valve which is effectively very similar to what you're trying to do: http://www.andypemberton.com/jboss/securing-ajax-servlets-in-jboss-portal/
Though, can you further describe your apps and the "four different containers" they run in? Are the consumed with WSRP? How are the sessions initially established to those applications?
The default behavior of the portal is to synchronize the session between the Portal and portlet WARs deployed to it.