Destroying Session Token Handles (Sun OpenSSO Enterprise 8.0 C API Reference for Application and Web Policy Agent Developers)

Sun OpenSSO Enterprise 8.0 C API Reference for Application and Web Policy Agent Developers

Previous: Validating Single Sign-on Token Handles
Next: Retrieving and Setting Properties

Destroying Session Token Handles

When the caller is finished with a token handle, it must be freed to prevent memory leak by calling am_sso_destroy_sso_token_handle(). The session associated with the token handle can be invalidated or ended with am_sso_invalidate_token().

Tip –

Although this ends the session for the user, the proper way to log out is by using am_auth_logout() as described in am_auth_logout(). Not using am_auth_logout() will result in authentication resources associated with the session remaining on the server unnecessarily until the session has timed out.

Previous: Validating Single Sign-on Token Handles
Next: Retrieving and Setting Properties