How do I implement a "logoff" function when using servlet container authentication? I am using Resin. I am able to log a user on without a problem, but am unable to find any useful information on how to log a user off the system. I need to make a "Logoff" link for the site. Any help would be greatly appreciated. -Pete
Ususally sending them to a page that includes session.invalidate() is enough, but I've discovered that this too is vendor specific. For example in Websphere you also need to make other calls, namely new com.ibm.websphere.security.SSOAuthenticator.logout(request, response); Dave.