how to invalidate existing session and create new session in jsf?

i am creating a session Map in PageCodeBase.java class like this

sessionScope = (Map) facesContext.getApplication().createValueBinding("#{sessionScope}").getValue(facesContext);

I have Logon.java which extends the PageCodeBase class

for security reason,whenever the user logon to the application i want to invalidate the existing session and create a new session in my managed bean class Logon.java.

how can i do this ? please help me.

Actually it's not you who is creating that code.
I believe that code is being created by IBM's RAD.

The simplistic way of acheiving this is to wrap a Filter around the Faces servlet. Check for the URL, and if it's login page, then invalidate the existing session and create a new session.

In a generic sense here is how to invalidate a session from Faces:

ExternalContext ectx = FacesContext.getCurrentInstance().getExternalContext();
HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
HttpSession session = (HttpSession)ectx.getSession(false);
session.invalidate();

Thanks chris,

I invalidated my session like this in Logon.java

session = (HttpSession)facesContext.getExternalContext().getSession(false);
session.invalidate();

but how can i create a new session.i put the follwing line after invalidating but it is failing,

sessionScope = (Map) facesContext.getApplication().createValueBinding("#{sessionScope}").getValue(facesContext);

can you help me.

Originally posted by saivenkat venkatesan:
but how can i create a new session.i put the follwing line after invalidating but it is failing,

Well, how do we create a new session in JSP or Servlet?
[ September 13, 2006: Message edited by: Adeel Ansari ]