How To Remove a Principal from HttpServletRequest

Dear Experts,

I'm having problems with people logging in then logout, and when try to login as a different user, the Principal name from request.getUserPrincipal().getName() still holds the previous user's name.

some say we can set Principal to null upon logout but I'm not sure how to go about with this since the interface of Principal only has access methods. Any help would be much appreciated.
Zen_LeowAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
mrcoffee365Connect With a Mentor Commented:
What you do is invalidate the user session.  This call will do it:
HttpSession ses = request.getSession();
ses.invalidate();

We generally also clear the cookies.
0
 
EE_AutoDeleterCommented:
I've requested that this question be deleted for the following reason:

No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Not enough information to confirm an answer.

If you feel this question should be closed differently, post an objection and a moderator will read all objections and then close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

Experts-Exchange Auto Deleter
0
 
mrcoffee365Commented:
The answer was correct and can help other users.

Award points to mrcoffee365
0
All Courses

From novice to tech pro — start learning today.