This content has been marked as final. Show 2 replies
Iam using Form Based authentication method and a custom login module with JBoss application server to authenticate/authorize a web application.
I have an issue of security credentials getting cached and are not getting cleared until the browser is closed. (i.e) For e.g If I login as 'SUD' and go to the homepage, if I try to go back to Login page without closing the browser(by rewriting the URL), I am not getting the Login page, instead the HomePage gets redisplayed with the same credentials as before.
I tried flushing the credentials from the Jmx-Console, setting the defaultCacheTimeout to 0 but it has not solved the issue.
Can someone please advice me regarding this?