Jakarta Security is not logout the user on EAP 7.4
Issue
I have the following Jakarta Security implementation on EAP 7.4; However the user is never logout
@ServletSecurity(value = @HttpConstraint(rolesAllowed = {"*"}))
@WebServlet("/test")
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 6727134101934346153L;
private static final Logger log = LoggerFactory.getLogger(LoginServlet.class);
@Inject
private SecurityContext securityContext;
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
Credential credential = new UsernamePasswordCredential(username, new Password(password));
request.logout();
AuthenticationParameters authenticationParameters = withParams().credential(credential);
AuthenticationStatus status = securityContext.authenticate(request, response, authenticationParameters);
log.info("Status ...." + status.name());
log.info("request.getUserPrincipal().getName() ...." + request.getUserPrincipal().getName());
response.sendRedirect("/test/login.jsp?username=" + request.getUserPrincipal().getName());
}
}
Environment
- Red Hat JBoss Enterprise Application Platform (EAP) 7.4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.