function outputHeader(request, response)
                    trace = request:getTracer()
                    -- after successful authentication neviauth returns the SecToken as attribute to the proxy
                    secToken = request:getAttribute("ch.nevis.isiweb4.auth.SecToken")
                    if secToken then
                        trace:debug("SessionInvalidationFilter: SecToken part of the attributes returned from nevisAuth: "..secToken)
                        session = request:getSession(false)
                        if session then
                            session:invalidate()
                            trace:info("SessionInvalidationFilter: Session invalidated after successful authentication")
                        else
                            trace:debug("SessionInvalidationFilter: SecToken but no session, nothing to do")
                        end
                    else
                        trace:debug("SessionInvalidationFilter: No SecToken, nothing to do")
                    end
                end