I understand about JAAS authentication, and I have used form based authentication being submitted to the j_security_check url, my question is, by doing this is it possible to provide a button on the web UI to allow the user to logout?
I have configured JAAS completely declaratively, therefore I do not have runtime access to the LoginContext or LoginModule objects, I login with some web.xml configuration and the j_security_check url.
Is there a standard url to allow the user to logout via a similar url as I have used to login? For example: j_logout or something similar?
There is no special url to do the logout. There is however an alternative and that is by invalidation the http session (HttpSession.invalidate()). This will force the application server in invalidating the server managed jaas subject.