Thursday, August 1, 2002 03:30 PM
use the getSession to retrive the session then us the 'invalidate' method to invalidate the session. This will force Tomcat to re authen.
Sunday, December 2, 2001 07:55 PM
Your Question needs bit more explanation still shall give it a go. If the servlet knows the "role" assigned and gives an error(details appreciated) one can always trap the error and redirect it to the login URL(servlet or html or jsp). eg. I have a login servlet which connects to database as sysadmin or normal user. If logged in as a user and i try to update tables it doesnt allow me to do and displays proper alert. I redirect it to the login servlet after the message. I hope answer is related to the question.