This week's giveaway is in the Spring forum.
We're giving away four copies of REST with Spring (video course) and have Eugen Paraschiv on-line!
See this thread for details.
The moose likes Servlets and the fly likes Logging out of multiple web application from single servlet Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Logging out of multiple web application from single servlet " Watch "Logging out of multiple web application from single servlet " New topic

Logging out of multiple web application from single servlet

Kripal Singh
Ranch Hand

Joined: Jul 26, 2001
Posts: 254
Sorry for posting this again i thought it's more suitable here

I have deployed a single EAR file with multiple web application (WAR files)

I am trying to invalidate the session for all of the web application at any given moment (logout for multiple web app). What is the best way of doing it in servlets? Or is it possible to do it in application.xml

# Help an unprivileged kid.<br /> Whatever u do will make a difference...<br /> a child's life & ur own #<br /><a href="" target="_blank" rel="nofollow"></a>
Jeanne Boyarsky
author & internet detective

Joined: May 26, 2003
Posts: 32815

As far as I know, a session is only for a web app. I know you can't access sessions in multiple ears and assume that is true for wars.

We use a third party product (trusted application inteceptor) for this. Or if you have a predefined number of apps, you could have your app call a logout action on all the other apps.

[OCA 8 book] [Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
Ajith Anand
Ranch Hand

Joined: Aug 30, 2004
Posts: 40
Hi Kripal,

I think it very much depends on the applicaton server as well as the session-management mechanism of the server.

In a cookie-based scenario so long as you are in compliance with the cookie read/write rules ( you are not reading a cookie of from a domain etc....please refer for more details..
cookie reference )

I think you can achieve this by way of unsetting all the cookies , especially the "SESSIONID" / "AUTHENTICATION" cookies from one of your servlets, make sure you are doing this for all the paths you would refer to in your WARs. For eg if you have app1.war app2.war with context paths app1 and app2 in your EAR. you would need to unset the cookies for paths : app1 and app2.

LXI Technologies P Ltd
I agree. Here's the link:
subject: Logging out of multiple web application from single servlet
It's not a secret anymore!