myfaces-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Marinschek <martin.marinsc...@gmail.com>
Subject Re: Another change since 1.0.9 - SessionMap.clear() - an explanation
Date Mon, 19 Sep 2005 14:39:30 GMT
Kevin,

can I ask you to open this as an issue? I don't want to do any changes
here without checking back with regards to RI compatibility...

If you open an issue, we will keep this in mind.

regards,

Martin

On 9/19/05, Kevin Roast <kevin.roast@alfresco.org> wrote:
>  
> 
> Hi, 
> 
> I'll explain a little about why we need this. 
> 
> In our application, we have the concept of Users and Login/Logout - all
> pretty standard stuff. 
> 
> The app is a faces JSP web application. When the user logs out of the
> application, we want to invalidation or at least clear the session.
> Obviously because we are in a JSF app, we use an action event handler when
> the user clicks "logout". The example code we used with MyFaces 1.0.9 was: 
> 
>    /** 
>     * Invalidate ticket and logout user 
>     */ 
>    public String logout() 
>    { 
>       FacesContext context = FacesContext.getCurrentInstance(); 
>       
>       // clear Session for this user 
>       context.getExternalContext().getSessionMap().clear(); 
> 
>       // invalidate User ticket 
>       ... 
> 
>       return "logout"; 
>    } 
> 
> As you can see, we clear the session for the user. 
> 
> With MyFaces 1.1.0 you cannot call clear() as it throws
> UnsupportedOperationException. 
> 
> I tried this code instead: 
> 
>    /** 
>     * Invalidate ticket and logout user 
>     */ 
>    public String logout() 
>    { 
>       FacesContext context = FacesContext.getCurrentInstance(); 
>       
>       Map session = context.getExternalContext().getSessionMap(); 
>       User user = (User)
> session.get(AuthenticationHelper.AUTHENTICATION_USER); 
>       
>       // clear Session for this user 
>       Object extSession = context.getExternalContext().getSession(false); 
>       if (extSession instanceof HttpSession) 
>       { 
>          ((HttpSession)session).invalidate(); 
>       } 
> 
>       // invalidate User ticket 
>       ... 
> 
>       return "logout"; 
>    } 
> 
> But suprisingly this doesn't work either. Calling invalidate() throws a
> ClassCastException… 
> 
> Any ideas how we do this with the new MyFaces, or am I going to have to
> patch the source for our application? 
> 
> Thanks, 
> 
> Kevin 
> -- 
> http://www.alfresco.org 
>  
> 
> _____________________________________________ 
> From:   Kevin Roast  
> Sent:   19 September 2005 14:45 
> To:     'myfaces-dev@incubator.apache.org' 
> Subject:        Another change since 1.0.9 - SessionMap.clear() 
> 
> Hi, 
> 
> Can I ask why
> org.apache.myfaces.context.servlet.SessionMap.clear() now
> throws UnsupportedOperationException? 
> 
> Thanks, 
> 
> Kevin 
> -- 
> http://www.alfresco.org 
>  


-- 

http://www.irian.at
Your JSF powerhouse - 
JSF Trainings in English and German
Mime
View raw message