How to log out user from web site using FORM authentication?

5
votes

I am using FORM authentication, together with Realm. I would like to know how can I log out.

The only solution so far is to close browser, but that's not acceptable from the usability standpoint.

2
tomcatauthentication
Thanks for adding the solution in bold! Has probably (not tested yet but seems right) saved me from surfing the web for half an hour. - Zhubarb

2 Answers

5
votes

Most likely, invalidating the session (HttpSession's "invalidate()" command) will log out the user -- when you close the browser, you're doing the equivalent.

0
votes

Most forms of authentication use a cookie on the browser to track the session, so you only need to delete that cookie. The Firefox plugin Web Developer can give you a list of cookies for the current domain.