• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Logout Procedure

 
Enrico Ascaruta Tangau
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I'm tring to implement a logout procedure for my web app;
this procedure should be activate from ajax commandLink and should destroy backingbeans, invalidate session and (important) redirect to login page (jsp).

How can I do?
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18098
50
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The most common way to force a logout is to use the session.invalidate() method, which destroys all session objects, including the container-managed User Principal object. New developments in JEE also provide a specific logout method if your environment is capable of using it.

Redirecting to a login page is automatic when you use the J2EE standard security services. If you invented your own, you're on your own. You'll have to develop, debug, and maintain your own mechanisms. And deal with the consequences when your "secure" software turns out not to be secure.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic