RE: Orion user management - Johan Frederikson comment

[peter_saurugger]

Logging out is clearing the state of the session; hence, I assume all you need to do is call remove on your stateful session beans in your client logout method, as well as re-setting any state you keep on the client ... -----Original Message----- From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 03, 2002 12:26 PM To: Orion-Interest Subject: RE: Orion user management - Johan Frederikson comment Well,   Johan Frederikson and Peter van Rensburg,   you both kindly mention the possibility of using the standard session.invalidate() for logging out the user. However, I think this would require me to write a servlet which (as we all know) automatically has access to the session object. This seems like a very strange approach to me, if one chooses to base ones system on Orions EJB-features and RMI only - i.e. if you are writing a non JSP-system.    - In our design, our Swing-based client has a simple interface to the server consisting of a set of Session Beans upon which the client invokes a number of business methods. One of these Session Beans is used for authentication, so it has a login method and a logout method. It is quite easy to implement the login method since it can just delegate the work to the RoleManagers login method. But then when you want to log out the client, whoooops, there is no corresponding logout method on the role manager... is that not a bit odd? Firing up the whole JSP/Servlets API in an EJB-only system seems a bit ugly, does it not?   To put it briefly: Is there any good reason why the RoleManager does not have a logout method? - is there any alternative??   I am very interested in hearing your views.     Randahl       -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Johan Fredriksson Sent: Wednesday, April 03, 2002 15:39 To: Orion-Interest Subject: Re: Orion user management   session.invalidate(); ? ----- Original Message ----- From: Randahl Fink Isaksen To: Orion-Interest Cc: orion-interest@orionservercom Sent: Wednesday, April 03, 2002 11:08 AM Subject: Orion user management   Hi Peter     I was just wondering: In your search for user management methods have you ever come across a logout() method? It seems odd to me, that there is only a login method on the role-manager interface - if you are dealing with an application client (e.g. a Swing client) instead of a regular web client you log the user in using the role-manager login() method, but there seems to be no means for logging the user out again.     Thanks for your time   Randahl