just drop the session dude ;o) hreq.getSession().invalidate();
ok thats not really the best way to do it but it would work from the user prespective although the principals would be stored in the cache if they relogged in so you wouldnt get any updated information (roles for instance) the correct procedure should be to get the login context and do lc.logout(); View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3840477#3840477 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3840477 ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
