hi,
I have configed http over jndi and the login process works perfectly. Unfortunately the logout does not work.
the codes for logout are very simple:
ctx.close();
loginContext.logout();
The problem is that use can login use any arbitrary user and password until shuting down the
java VM. I have tested on
jboss 3.0.8 and 3.2, same result. In fact, there is nothing in common for the first and second login. After look into SecurityAssociationHandler, I found user name and password were fetched for the second login. Although they are invalid, the login is successful.
Can any one give me a hint? Are the logout codes wrong? Thanks a lot!