Thanks for your answer,
but where can I call the method?
The JBossActionResponse in the portlet doesn't have such a method.
I tried to call it in a custom commandMapper but
i also can't find the correct response.
In your CustomMapper use
public ControllerCommand doMapping(ServerInvocation invocation, String portalContextPath, String portalRequestPath) use invocation.getResponse().setWantSignOut(true);
i tried this, but it does not work.
Can I help you with some more infos?
we solved the Problems assosiated with the principal.
Our main problem was a misplaced jbosssx.jar.
it was duplicated in server/xxx/libs and server/xxx/deploy/xxx/lib.
Then I turned of caching in J aasSecurityManagerService mbean (jboss-Service.xml)
and set flushOnSessionInvalidation="true" in jboss-web.xml
and voila - the principal is reloaded on each login.
The sessionId is flushed on the server side too - so everything works fine..
But is there a simple possibility to set a new sessionId (invalidate the cockie) on the client?
To force the invalidation you can try invalidating the http session in your custom mapper and see if that works.