The counterpart to login is logout. The best practice for implementing logout is to use an IWActionModule. While a complete action module has initialization, validation, and execution, a logout action requires only that the ApplicationSecurityDelegate can perform session handling.
The controller that manages the interaction between the Login application module and the AppUserFactory model object is the ApplicationSecurityDelegate. This singleton class is created when an application is installed using the Istarel Workshop Application Framework. As part of that process, several stub methods are built, including those that support login and authentication. I need to modify them to provide actual security.
The AppUserFactory model object plays a simple but crucial role in application security: the ApplicationSecurityDelegate passes credentials from the Login form to the AppUserFactory to retrieve the associated user record. If such retrieval is impossible, then the AppUserFactory returns nothing. If successful, an AppUser object is returned.