1 Reply Latest reply on Sep 23, 2002 2:18 PM by Brian

    How to logout? I can't make it work by reading previous post

    Shane Ye Newbie

      Hello I still can't make logout work by reading previous posts on the same topics:

      I am using JBoss2.4.6/Tomcat4.0.3 bundle. Also I am using form based Jaas authentication. After successfully login, I was trying to logout by clicking a button, (by the way, I am using Struts), in the logout handling class(in struts, it's a action class, similar to a servlet). I put request.getSession().invalidate() and then forward the control to application's entry point, if this time it's really logged out, I should be directed to authentication page again, but it doesn't, I was able to get to secured page without being re-authenticated. Any one can tell me how to force it to be re-authenticated after trying to logout? Thanks!!!


      -Shane

        • 1. Re: How to logout? I can't make it work by reading previous
          Brian Newbie

          hey,
          i don't know about 2.4.6, but this code works for 3.0.x when you have the jmx-rmi-adaptor.jar in the server/default/lib directory and put it right after the session.invalidate()...

          InitialContext iContext = new InitialContext();
          String serverName = serverName = java.net.InetAddress.getLocalHost().getHostName();
          RMIAdaptor server = (org.jboss.jmx.adaptor.rmi.RMIAdaptor)iContext.lookup("jmx:" + serverName + ":rmi");

          ObjectName jaasMgr = new ObjectName("jboss.security:service=JaasSecurityManager");
          Object[] params = {"TestDomain"};
          String[] signature = {"java.lang.String"};
          server.invoke(jaasMgr, "flushAuthenticationCache", params, signature);

          System.out.println("[Logoff Action] Auth Cache Flushed");
          maybe it will steer you in the right direction though...

          good luck,
          tool