public void logout() { try { clearRunAsIdentitiesInternal(); this.securityManager.logout(this); } finally { this.session = null; this.principals = null; this.authenticated = false; //Don't set securityManager to null here - the Subject can still be //used, it is just considered anonymous at this point. The SecurityManager instance is //necessary if the subject would log in again or acquire a new session. This is in response to //https://issues.apache.org/jira/browse/JSEC-22 //this.securityManager = null; } }
securityManager.login(subject, badToken); Assert.assertTrue(true); securityManager.logout(subject); securityManager.login(subject, badToken); Assert.fail("Should not succeed to login with an incorrect password"); Assert.assertTrue(true); securityManager.logout(subject); securityApi.invalidateUser(username, callContext);
public void logout() { try { clearRunAsIdentitiesInternal(); this.securityManager.logout(this); } finally { this.session = null; this.principals = null; this.authenticated = false; //Don't set securityManager to null here - the Subject can still be //used, it is just considered anonymous at this point. The SecurityManager instance is //necessary if the subject would log in again or acquire a new session. This is in response to //https://issues.apache.org/jira/browse/JSEC-22 //this.securityManager = null; } }
@Override public void logout(Subject subject) { delegate.logout(subject); }
public void logout() { try { clearRunAsIdentities(); this.securityManager.logout(this); } finally { this.session = null; this.principals = null; this.authenticated = false; this.runAsPrincipals = null; //Don't set securityManager to null here - the Subject can still be //used, it is just considered anonymous at this point. The SecurityManager instance is //necessary if the subject would log in again or acquire a new session. This is in response to //https://issues.apache.org/jira/browse/JSEC-22 //this.securityManager = null; } }
securityManager.login(subject, badToken); Assert.assertTrue(true); securityManager.logout(subject); securityManager.login(subject, badToken); Assert.fail("Should not succeed to login with an incorrect password"); Assert.assertTrue(true); securityManager.logout(subject); securityApi.invalidateUser(username, callContext);