Hi,
I've posted this here, as it was the most relevant place I could find.
I don't think it should go in the
JBOSS forum as it may be common across other Containers....
I'm writing a webapp, and have instructed JBoss/Tomcat to use our company's LDAP server for authentication.
As expected, as soon as I try to access any page, the browser asks you for a username and password, and when entered correctly, you are allowed to access the page. The server has authenticated the browser.
I now want to implement logout functionality, where once clicked, I will redirect the user back to the main page, and a new request for the username and password will be presented.
Unfortunately, I cannot find a way of achieving this, short of closing down the browser and restarting it. Invalidating the session gets rid of the session and all attributes, however the browser remains authenticated with the server. I've looked for cookies and the only one there contains the session ID.
Suggestions?
Thanks in advance,
[ May 23, 2007: Message edited by: Mark Garland ]