Hi,
I used the code below; the extra step may give the container a chance to
really invalidate the session before redirecting to the loggedOut.jsp. Your
action mapping looks the same(ish) as mine.
HttpSession session = request.getSession (false);
if (session != null)
{
session.invalidate();
}
Jon.
-----Original Message-----
From: Torsten Terp [mailto:[EMAIL PROTECTED]]
Sent: 22 June 2001 14:37
To: [EMAIL PROTECTED]
Subject: RE: Invalidating sessions and container auth.
Hi,
I have the same problem (running Jetty as the servlet container)
Did you solve buy doing like below:
<!-- logout -->
<action path="/logout"
type="com.netmill.servicedatabase.bean.actions.LogoutAction"
name="logoutForm"
scope="request"
input="/servicedatabase/logout.jsp">
<forward name="success" path="/servicedatabase/loggedOut.jsp"
redirect="true"/>
</action>
^^^^^^^^^^^^^^^^
||||||||||||||||
Unfurtunately this does not have any effect on my logout :-( All my logout
action does
is call session.invalidate(), is this how it works for you?
Thanks...
^terp
-----Original Message-----
From: Jon.Ridgway [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 22, 2001 2:37 PM
To: [EMAIL PROTECTED]
Subject: RE: Invalidating sessions and container auth.
Hi All,
Just to let you know in case anyone ever has a similar problem, I found a
solution to the problem outlined below. Just had to add a
redirect="true" to the local forward in the ActionMapping for my
LogoutAction. I guess using a redirect forces the container auth
mechanism to check things.
Jon.
-----Original Message-----
From: Jon.Ridgway [mailto:[EMAIL PROTECTED]]
Sent: 21 June 2001 15:27
To: [EMAIL PROTECTED]
Subject: Invalidating sessions and container auth.
Hi All,
This isn't a struts specific question, but someone may have an answer...
I'm using form based auth in my Struts based app and I need an option to log
user out. Right now my LogoutAction perform method
calls request.getSession (false).invalidate(). The problem is that the
container (in this specific case Tomcat 3.2.1) doesn't
recognize that the user has been logged out. As no attempt is made to
re-auth them. Is there a standard Java way to log a user out
and force a container to re-auth ?
Jon.
