I have an application, using Oracle UIX. I use Basic Login Authentication. when the user hits the datapage, the browser display a browser logon, user and password. However, after this step, user is logged on, even if you close and reopen the browser, still you can access and query the page without logon. I tried to use session.invalidate, but still didn't work (although I can see a println message that confirms that this part has been run. I can send the user back to a jsp page, but I want to make sure that all the user id and password are deleted, so the browser will be forced to pop up the login dialogue again on next request to open. I would appreciate your help and assistance.
Using OC4J 10g