DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23764>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23764 logout in SSO from sessions in 2 or more webapps not working Summary: logout in SSO from sessions in 2 or more webapps not working Product: Tomcat 5 Version: 5.0.12 Platform: All OS/Version: All Status: NEW Severity: Major Priority: Other Component: Unknown AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] If I have SSO enabled, and I log on to my webapp, and also visit a second webapp on my localhost, I can't logout anymore. If I go to the page which has the following JSP: remote user <%=request.getRemoteUser() %> in session <%= session.getId() %> <% session.invalidate(); %> and refresh over and over always showed the following: remote user adam in session EB2543D909D52551EA58C77E963CDD17 remote user adam in session EA33F35CCB3D1205A88226029C65939C remote user adam in session 8814C0365D3F0BDD97B1DE9B7EAECD17 remote user adam in session 1B7F0424190985F24A294EA2344888C5 The only way to logout is to close my browser or delete the JSESSIONIDSSO cookie in mozilla. But logout does work for just one app - if I only visit & login to one webapp, when I invalidate the session, I immediately get a login request. NB: The logout functions correctly when all my sessions expire. NB2: When some but not all of my sessions in one SSO time out, I can re-access the timed-out webapps without seeing a login request. Hope that describes it clearly, Adam --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
