glassfish_at_javadesktop.org wrote:
>We have different webapps affording a login.
>Due to the sso-feature users have to log in one application to access the others without logging in again.
>How can we implement a logout functionality from all webapps at the same time?
>As long as there is one active session, the user (or somebody else :) can access all webapps. How to invalidate all active session of one user?
>
>
If you log out from one of the sessions participating in SSO (by calling
its invalidate() method), all other sessions belonging to the same SSO
entry will be destroyed as well, and the SSO entry will be purged.
In other words: If you log out from one of the apps, you will be logged
out from all the other apps as well.
On the other hand, if one of the sessions participating in SSO merely
expires, the SSO entry (and all the remaining sessions associated with
it) will remain active.
Jan
>:-)
>Thanks
>[Message sent by forum member 'mithridates' (mithridates)]
>
>http://forums.java.net/jive/thread.jspa?messageID=232298
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>
>