We are testing security and single sign-on in HP Bluestone 8.0 web engine.

We are testing with the <single-sign-on enabled="true"/> option (config/hpas/servlet-service-config.xml):
      <single-sign-on enabled="true"/>

I can successfully login using form-based login (j_security_check). However when I try to logout using this code:

  response.sendRedirect( "index.jsp" );

the container doesn't log out a user. The user stays logged in. The "JSESSIONID" stays untouched.

How do I logout from the HP Bluestone 8.0 web container, with single sign on option enabled?

Sergei Batiuk.