aspose file tools*
The moose likes JSF and the fly likes Logout function not working in JSF Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSF
Bookmark "Logout function not working in JSF" Watch "Logout function not working in JSF" New topic
Author

Logout function not working in JSF

Rahul Raj cochin
Greenhorn

Joined: Mar 29, 2012
Posts: 9
I have used 'logout' function in loginbean class.

public String logout()
{
FacesContext ctx = FacesContext.getCurrentInstance();
ExternalContext etx = ctx.getExternalContext();
HttpSession session = (HttpSession)etx.getSession(false);
session.invalidate();
return "logout";

}


And in the home page(redirect page after login), I have added a command link for logout..

<h:commandLink action="#{user.logout}">
<hutputText value="Logout"/>
</h:commandLink>

Even after clicking logout option, session is not invalidated, and stays on the same page without redirecting to login page.

Navigation rules are already mentioned in facesconfig.xml and attached here as image file for reference...


[Thumbnail for navigation.PNG]

Mark Reyes
Ranch Hand

Joined: Jul 09, 2007
Posts: 426
Hi,

Have you checked if your method was really called? Thanks.


Sean Clark ---> I love this place!!!
Me ------> I definitely love this place!!!
Rahul Raj cochin
Greenhorn

Joined: Mar 29, 2012
Posts: 9
Mark Reyes wrote:Hi,

Have you checked if your method was really called? Thanks.


Yes, it's not going inside the function..(tried out some SOP statements)
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16061
    
  21

Welcome to the JavaRanch, Rahul!

I start with my customary caution that user-written login systems are not recommended for security reasons.

Regardless of whether you use the J2EE standard security login or you roll your own (with all the risks and expenses that that entails), the way to logout is the same. Invalidate the session.

However. In JSF, a session is not the same thing as being logged in. JSF uses sessions to a much greater degree than most J2EE platforms do. So it's very common that you log out, invalidating a session, and JSF immediately creates a whole new session. That is not only normal, it is necessary. However, this new session should differ from the session that it just replaced, because none of the session objects (attributes) from the pre-logout session should be present in the new session. Any attributes that do exist in the new session should have been created when the new session was created.

So, if you are logged in, you have a session, but just because you have a session doesn't mean that you're logged in.


Customer surveys are for companies who didn't pay proper attention to begin with.
Rahul Raj cochin
Greenhorn

Joined: Mar 29, 2012
Posts: 9
Thank you for the information..
But can you tell me why logout function is not working?
When I click 'logout' option, it should invalidate session and redirect to login page.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16061
    
  21

Wou do you know "logout()" is not working? Have you set a breakpoint to see if it's being executed at all?

Action methods will be silently ignored if any of the following are true:

1. The method which is named is not present in the indicated backing bean.

2. The method signature does not conform to JSF requirements (no arguments, public, returns String or void). Void only applies to JSF2.

Additionally, the following condition MUST be true.

3. The control firing the action is within a JSF h:form element.

4. ALL control values of the JSF form containing the control that fires the action have valid values in them OR the control firing the action is supplied the attribute "immediate="true"".
Rahul Raj cochin
Greenhorn

Joined: Mar 29, 2012
Posts: 9
Thanks!!
I got it!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Logout function not working in JSF