How to Remove Identity Immediately in Web Application ?
(Doc ID 1523512.1)
Last updated on AUGUST 31, 2020
Applies to:Oracle WebLogic Server - Version 10.3.6 to 22.214.171.124
Information in this document applies to any platform.
After executing session.invalidate(), the security context still contains the authenticated subject.
To illustrate this, here is a simple JSP page :
After calling session.invalidate(), the principals can be still listed.
However, the security subject is removed after this JSP page execution.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document