Results 1 to 4 of 4

Thread: Why is it so hard to just logout?

  1. Oct 17th, 2006, 03:43 AM #1
    bjorntj
    bjorntj is offline Member
    Join Date
    Nov 2005
    Posts
    67

    Default Why is it so hard to just logout?

    I have searched the forum and I have come to the conclusion that what I now do should work, but it doesn't...

    I do a submit to logout and the code that is run on logout, is the following..:

    Code:
    FacesContext facesContext = getFacesContext();
        HttpSession session = (HttpSession) facesContext.getExternalContext().getSession(false);

        if (session != null) {
            session.invalidate();
        }
        Cookie terminate = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, null);
        terminate.setMaxAge(0);
        ((HttpServletResponse)(facesContext.getExternalContext().getResponse())).addCookie(terminate);
        SecurityContextHolder.clearContext(); //invalidate authentication
    Why doesn't this work??

    btw, what I do after this code is run, is to forward to the same page, but instead of showing a login page, the same page is shown (which should not happen since you are logged out and you have to be logged in get to this page..)


    Regards,

    BTJ
    Someone wrote:
    "I understand that if you play a Windows CD backwards you hear strange Satanic messages"
    To which someone replied:
    "It's even worse than that; play it forwards and it installs Windows"
  2. Oct 17th, 2006, 04:02 AM #2
    Marten Deinum
    Marten Deinum is offline Senior Member
    Join Date
    Jun 2006
    Location
    The Netherlands
    Posts
    13,632

    Default

    Instead of doing a forward, have you tried to do a redirect? A redirect will result in a new request as a forward will stay on the server, without a new request and without sending the edited response (and thus preserving the cookie).
    Marten Deinum
    Java Consultant / Pragmatist / Open Source Enthousiast / Author

    Pro Spring MVC: With Web Flow
    Conspect

    Have you read the reference guide.
    Use the [ code ] tags, young padawan
  3. Oct 17th, 2006, 04:23 AM #3
    bjorntj
    bjorntj is offline Member
    Join Date
    Nov 2005
    Posts
    67

    Default

    Redirect did the trick.... Thx...

    BTJ
    Someone wrote:
    "I understand that if you play a Windows CD backwards you hear strange Satanic messages"
    To which someone replied:
    "It's even worse than that; play it forwards and it installs Windows"
  4. Oct 18th, 2006, 03:59 AM #4
    Stef-âne
    Stef-âne is offline Junior Member
    Join Date
    Mar 2006
    Posts
    13

    Default

    To logout, I implement this code:

    applicationContext-security.xml

    Code:
    	<!-- Start logout config -->	
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<constructor-arg value="/jsp/index.jsp"/>
<!-- URL redirected to after logout -->
<constructor-arg>
	<list>
		<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
	</list>
</constructor-arg>
</bean>
	<!-- End logout config -->
    index.jsp

    Code:
    <%@ page language="java" pageEncoding="ISO-8859-1" contentType="text/html; charset=ISO-8859-1" %>
<%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
<c:redirect url="/jsp/login.jsp"/>
    logout button URL

    Code:
    /j_acegi_logout
    Try it, It works fine to me...
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules