1 Reply Latest reply on Jan 5, 2002 9:15 PM by Luke Taylor

    logging out in FORM based authentication

    suresh Newbie

      Hi all
      I have a web-app which uses FORM based authentication with DataBaseServerLoginModule. It works fine and the users are getting authenticated. When a user clicks a logout button, a logout JSP page is called and it has

      session.invalidate()
      response.sendRedirect(<protected resource>)

      this calls again some times the login page and sometimes a page inside protected area without authentication.
      Also we are able to see the previous page before logout by clicking Browser back button.
      Is the session properly invalidated or JBoss has any other method to accomplish this

      Thanks in advance
      Suresh