Hi, I cannot help you much further, I didn't play with Valves up to now ;-). I just noticed that a JBoss specific valve seems to require the credentials, so I concluded that you cannot remove them before this valve is processed. I don't have any experience with Valves, so it is up to you to dig into this ;-).
But maybe it would help to get a better answer than mine, if you could post your logout code snippet and the location. And please tell us why the standard JBoss logout ("session.invalidate()") does not work for you. Best do this in the your security forum thread. Best regards Wolfgang View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4222261#4222261 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4222261 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user