How do I logout from Java EE container managed security?
Question
I am working in websphere 7.0. I use the security from the application server. I would like to removing the association with the user, so user is redirected to the login page before accessing a secure resource (and request.getUserPrincipal() returns null).
I try :
request.getSession().invalidate();
but the user principal is still associated.
How could I remove that association?
1 answers
solution1
4 ACCPTED 2010-09-02 16:43:41
On websphere, a special logout form calles must be used :
Here what I am using :
<body onload="javascript:document.logout.submit()">
<h2>Sample Form Logout</h2>
<form METHOD=POST ACTION="ibm_security_logout" NAME="logout">
Click this button to log out:
<input type="submit" name="logout" value="Logout">
<INPUT TYPE="HIDDEN" name="logoutExitPage" VALUE="/some url">
</form>
</body>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
How to Do Java EE Container Security With MongoDB on Tomcat
User managed security in Java EE
Do Java EE interceptors take part in container managed transactions of an EJB
How can I invoke container managed security check from javascript?
How do I create a Java EE container deployable JAR?
Java EE container - self managed threads?
How do i catch exceptions from container managed transaction commit?
How do I upgrade an existing enterprise project from Java EE5 to Java EE 6 in Netbeans (6.9)
How do I intercept selective methods and classes in JAX-RS in Java EE 7 compliant container?
Java Container Managed Security Not Redirecting to Login Page
Related Tags