How can authorized user logout when using tomcat 6.0

I have implemented the login flow for user using standard authorization configuration in web.xml.

However, I cannot find a way to logout so that user can login again using the another user account.

I am using tomcat 6.0 and cannot find related information for logout process from tomcat doc. Can anyone help me?

Thanks

[343 byte] By [wai__a] at [2007-11-27 3:42:45]

«« Weak Reference?
»» JXTable column header

# 1

can anyone give me some hits for that problem?Thanks

wai__a at 2007-7-12 8:46:22 >

top of Java-index,Security,Other Security APIs, Tools, and Issues...

# 2

I have found a solution.

if I am using BASIC method, username and password would remain in browser memory, logout action is not available and user need to close the current browser and then start a new browser for a new login.

if I am using FORM method, logout action can be done easily by invalidating user session.

wai__a at 2007-7-12 8:46:22 >

# 3

session.invalidate();

Batsupa at 2007-7-12 8:46:22 >

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

How can authorized user logout when using tomcat 6.0

Security New Topic

Security Hot Topic

Security

All Classified