Hi,
I have an EAR file which contains 2 wars, my application and orbeon.

My weblogic.xml has this:

    <session-descriptor>
      <sharing-enabled>true</sharing-enabled>
      <cookie-http-only>false</cookie-http-only>
      <persistent-store-type>replicated_if_clustered</persistent-store-type>
    </session-descriptor>

Everything works perfectly until the user logs out.

When the user uses the system w/o going through orbeon, session.invalidate() logs out the user perfectly.

But when the user uses the system and goes through orbeon (fills out some online forms), session.invalidate() doesn't log out the user and just brings the user back to the home page, which is protected.

The workaround is calling a weblogic-specific method, particularly:

    weblogic.servlet.security.ServletAuthentication.invalidateAll(request);

It's an ugly workaround; I don't want my code depending on weblogic jars.

Is there a cleaner way to invalidate the session on both my application contexts and orbeon without resorting to weblogic-specific methods?
Bryan,
Unfortunately we don't know the answer to that question, but please let us know if you find out.

-Erik

On Tue, May 1, 2012 at 6:36 PM, Bryan <[hidden email]> wrote:
> Hi,
>
> I have an EAR file which contains 2 wars, my application and orbeon.
>
> My weblogic.xml has this:
>
> <session-descriptor>
>   <sharing-enabled>true</sharing-enabled>
>   <cookie-http-only>false</cookie-http-only>
>   <persistent-store-type>replicated_if_clustered</persistent-store-type>
> </session-descriptor>
>
> Everything works perfectly until the user logs out.
>
> When the user uses the system w/o going through orbeon, session.invalidate()
> logs out the user perfectly.
>
> But when the user uses the system and goes through orbeon (fills out some online
> forms), session.invalidate() doesn't log out the user and just brings the
> user back to the home page, which is protected.
>
> The workaround is calling a weblogic-specific method, particularly:
>
> weblogic.servlet.security.ServletAuthentication.invalidateAll(request);
>
> It's an ugly workaround; I don't want my code depending on weblogic jars.
>
> Is there a cleaner way to invalidate the session on both my application
> contexts and orbeon without resorting to weblogic-specific methods?
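
An added example, not code from either poster or from the Orbeon project: one way to keep the workaround named in the question while removing the compile-time dependency on WebLogic jars is to resolve `ServletAuthentication.invalidateAll` by reflection and fall back to the portable `session.invalidate()`. The `LogoutHelper` class name and its return convention are assumptions made for illustration; whether this ends the session in a given deployment still has to be checked by requesting a protected page after logout.

```java
import java.lang.reflect.Method;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/** Hypothetical helper: logout with no compile-time link to WebLogic classes. */
public final class LogoutHelper {

    // Class named in the question; looked up at run time only.
    private static final String WLS_AUTH =
            "weblogic.servlet.security.ServletAuthentication";

    private LogoutHelper() {}

    /**
     * @return true if the container-wide invalidation ran,
     *         false if only the current context's session was invalidated.
     */
    public static boolean logout(HttpServletRequest request) {
        boolean containerWide = false;
        try {
            Class<?> auth = Class.forName(WLS_AUTH);
            Method invalidateAll =
                    auth.getMethod("invalidateAll", HttpServletRequest.class);
            invalidateAll.invoke(null, request); // static method, no receiver
            containerWide = true;
        } catch (ReflectiveOperationException e) {
            // Class or method absent (not on WebLogic) or the call failed:
            // continue with the portable path below.
        }

        // Portable path; also covers the case where the call above did nothing.
        HttpSession session = request.getSession(false); // never create one here
        if (session != null) {
            try {
                session.invalidate();
            } catch (IllegalStateException alreadyInvalidated) {
                // Session was already ended by the container-wide call.
            }
        }
        return containerWide;
    }
}
```

A `false` return on a deployment with `sharing-enabled` set to `true` is worth logging, since it corresponds to the case in the question where the user is sent back to the protected home page still logged in.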