How to log out of multiple application server sessions at once

[g-dot-hardy]

We have two web applications that each run on different Sun application
server instances (A & B). Users login to the both applications using a
single login using SiteMinder. A combined menu allows users access to
functionality in both applications.

When the users log out, we need to invalidate the session on both
application server A and B. In application A, we have a logout.jsp
which calls session.invalidate(), but the session on application B will
not get invalidated. We would like to invalidate both sessions by
hitting the one logout.jsp page.

We have thought of a few options, but do not have a clean solution. One
option would be to have the "Log out" link jump to the logout.jsp for
application A, which invalidates it's session and then forwards to the
logout.jsp for application B.

Does anyone have any other suggestions for ways to invalidate the
session on application B?

Thanks,

Geoff Hardy

 

[Roedy Green]

We have two web applications that each run on different Sun application
server instances (A & B). Users login to the both applications using a
single login using SiteMinder. A combined menu allows users access to
functionality in both applications.

the obvious answer is not to use siteminder, but have your application
manage the connections to A & B itself, then it can logoff or
reconnect to either independently.

The other answer is to scour the siteminder docs. Surely a tool whose
job it is to fake logon to multiple machines also handles logging off
both when you disconnect or logoff from the common port.

If it doesn't, perhaps there is some similar tool from another source
that takes its job seriously.