Blow away both kinds of cookie when logging out. I'm not sure if this will
do anything because these are sort of the same cookie except the domain is different. git-svn-id: https://samskivert.googlecode.com/svn/trunk@1267 6335cc39-0255-0410-8fd6-9bcaacd3b74c
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
//
|
||||
// $Id: UserManager.java,v 1.23 2003/10/14 02:00:01 mdb Exp $
|
||||
// $Id: UserManager.java,v 1.24 2003/10/14 02:37:53 mdb Exp $
|
||||
//
|
||||
// samskivert library - useful routines for java programs
|
||||
// Copyright (C) 2001 Michael Bayne
|
||||
@@ -273,6 +273,13 @@ public class UserManager
|
||||
c.setMaxAge(0);
|
||||
CookieUtil.widenDomain(req, c);
|
||||
rsp.addCookie(c);
|
||||
|
||||
// we need an unwidened one to ensure that old-style cookies are
|
||||
// wiped as well
|
||||
c = new Cookie(USERAUTH_COOKIE, "x");
|
||||
c.setPath("/");
|
||||
c.setMaxAge(0);
|
||||
rsp.addCookie(c);
|
||||
}
|
||||
|
||||
/** The user repository. */
|
||||
|
||||
Reference in New Issue
Block a user