Reputation: 129
Erase cookie in websphere- how to log out
I am using another webpage that passes the user authentication( AD login ) to WebSphere by URL. When I am logging out I am redirecting towards the log-in page and is already logged in since my session is never closed. I tried a few things to disable the cookie with WebSphere but nothing worked. Is there an easy way to delete the cookies with a java code when I press the log out button? Any help is very appreciated.
Upvotes: 2
Views: 3844
Answers (1)
Reputation: 18050
If you are using WebSphere 8.x you should use servlet 3.0 api and the request.logout() method, before you are doing redirection to the logout page. This method will remove session and authentication cookies.
For older WebSphere versions/ servlet api use the following (deprecated in WAS v8):
try {
WSSecurityHelper.revokeSSOCookies(req, res);
} catch(Exception e) {
...
}
UPDATE
For v7 I'd recommend form-logout.
If you want to logout form application you create the following logout form, or create custom post to the ibm_security_logout you can use logoutExitPage to redirect to desired page after logout:
<h2>Sample Form Logout</h2>
<FORM METHOD=POST ACTION="ibm_security_logout" NAME="logout">
<input type="submit" name="logout" value="Logout">
<INPUT TYPE="HIDDEN" name="logoutExitPage" VALUE="/login.html">
</form>
For more details see Customizing login/logout
If you cannot use this form logout then use the WSSecurityHelper.revokeSSOCookies(req, res) as shown above in your servlet.
Upvotes: 3
Related Questions
- how to delete the cookies in jsp/java
- How do you remove a Cookie in a Java Servlet
- How to remove a cookie
- Deleting Cookies in Java / How browser delete cookies
- Delete specific cookies from webengine JavaFX
- Websphere8.5 j2ee log out from single sign on
- way to delete cookie
- delete cookies on session timeout in java
- How to delete cookies?
- Java Servlet/JSP Cookie Disconnect