Forums Register Login

Form-based Logout ???

+Pie Number of slices to send: Send
Hi All,
Nice to meet u here. I'm developing a web application on Websphere server using IIS and Basic Authorization (Configure Resource Sercurity for authorized group). Login was working fine and I got userid easily by request.getRemoteUser() method, but how to LOGOUT user??? i.e force user to login again without closing then re-opening the browser.
I tried some methods like using SSOAuthenticator, removing session, cookie... but it didn't work.
Does anyone give me advices?
Thanx in advance.
Kevin
+Pie Number of slices to send: Send
The problem is that WebSphere will not only drop the LTPA and SSO cookies (which they will remove) but that Basic authentication puts some header values in the HTTP headers that WebSphere won't remove. Since the browser keeps sending them it'll keep relogging you in each time you visit a protected page.
I think you'll have to zap the HTTP basic authentication headers, too.
Kyle
------------------
Kyle Brown,
Author of Enterprise Java (tm) Programming with IBM Websphere
See my homepage at http://members.aol.com/kgb1001001 for other WebSphere information.
I've never won anything before. Not even a tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com


reply
reply
This thread has been viewed 526 times.
Similar Threads
HttpSessionListner in Clustered Environment
Unauthenticated Access to a Secured Resource?
How to Logout and clear the user details in JAAS
Removing the LtpaToken Cookie
WebLogic logout cookie issue.
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 19, 2024 01:07:43.