Javed Just call Session.invalidate() or HttpServletRequest.logout(). The JAASRealm will do the rest, and call logout() on your LoginModule. Note that you can't assume it is the same instance of your login module, that's what all the shared state is for.
EJP --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
