-
1. Re: When is JAAS logout() called
ffowler Apr 26, 2002 11:17 AM (in response to ffowler)I still haven't found an answer to this question! In my imagination this should be a really trivial question, but it seems that no one has any idea! Help... please... :)
Frank -
2. Re: When is JAAS logout() called
starksm64 Apr 28, 2002 2:59 AM (in response to ffowler)logout is not called on the server by the caching logic currently. If you want strict login/logout semantics you need to implement your own authentication cache and perform the logout when the session times out. I'm looking at doing this by default.
-
3. Re: When is JAAS logout() called
jean.christophe May 10, 2002 4:21 AM (in response to ffowler)Great, I think that everybody expect this behaviour.
Do you plan to do that on the 2.4.x branch or only
on the 3.x ?
Any idea of the timeframe for this modification ?
Thanks in advance,
jc -
4. Re: When is JAAS logout() called
delirium Oct 29, 2002 12:08 AM (in response to ffowler)Any update on this functionality? I'm using JBoss 3.0.3 and it doesn't seem to be included. When I logout of the client using a request.getSession.invalidate() in a JSP, I seem to still be logged in through JAAS (I'm using a DatabaseServerLoginModule and Form based autherntication). I'd like to be able to log out of both the client and JAAS at the same time, but I'm not sure how to go about this. If anyone has an example of implementing a custom authentication cache as mentioned above I would really appreciate seeing how it works.
thanks. -
5. Re: When is JAAS logout() called
madalin Nov 12, 2002 4:45 PM (in response to ffowler)Hi,
I tryed on JBoss 3.0.4 and has the same functionality, it is still logged in through JASS. There is any way to disable the cache? Any help will be really appreciated.
Best Regards,
Madalin -
6. Re: When is JAAS logout() called
madalin Nov 12, 2002 6:03 PM (in response to ffowler)Hi,
I found out meantime how to flush the cache and it solves the problem.(http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t=forums/
Best Regards,
Madalin. -
7. Re: When is JAAS logout() called
jpelle Feb 28, 2003 7:49 PM (in response to ffowler)I'm doing the same thing as delirium, and having the same problems. I don't want to flush the cache (not that I am able to do it anyway, since I can't find RMIAdaptor anywhere, and using MBeanServer throws an exception: org.jboss.jmx.server.RMIConnectorImpl_Stub) because that would remove all the cache entries for all users, right? So, I'd like more info on creating my own authentication cache. What is meant by this? Any examples?
It seems to me that if I could store the login context somehow then I should be able to call the logout() method there and voila... But, using FORM authentication how do I get the login context?