tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Everman <>
Subject Re: Logout using FORM based authentication
Date Fri, 07 Jun 2002 19:12:01 GMT
Prior to the Servlet 2.3 spec, it was ambiguous as to when a client was no 
longer logged in.  The 2.3 servlet spec states that a client is logged out 
when their session is invalidated.  So if Tomcat works as advertised, 
session.invalidate() should do what you expect.

Eric Everman

At 12:49 PM 6/7/2002, you wrote:
>I use a JDBC Realm with FORM based authentication but haven't figured out 
>a way for users to log out. Is it just to call session.invalidate() or is 
>there any better way to do it?
>To unsubscribe, e-mail:   <>
>For additional commands, e-mail: <>

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message