Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

JSF updating page correctly after logging out

Posted on 2010-11-22
9
Medium Priority
?
863 Views
Last Modified: 2013-11-24
I have the following method that logs out the user:
public String logout() {
        FacesContext context = FacesContext.getCurrentInstance();
        ExternalContext ec = context.getExternalContext();
        final HttpServletRequest request = (HttpServletRequest)ec.getRequest();
        request.getSession(false).invalidate();
        return "success";
    }
When success is returned, the user is redirected to login.xhtml vi faces-config.xml
The user is logged out and can't navigate where he needs to be authenticated. But the controls that are to be shown only if the user is logged in, are still showing on the first page display. After refreshing the page, or trying to navigate away from it(wich in turn re-displays it) the controls for a logged in user are correctly taken away.

As an example of such an control:
<h:outputText value="#{msgs.loginBoxInfo}#{': '}" rendered="#{bean.isLoggedIn()}" styleClass="boxedTitle"/>

    public boolean isLoggedIn() {
        ExternalContext external = FacesContext.getCurrentInstance().getExternalContext();
        HttpServletRequest request = (HttpServletRequest) external.getRequest();
        username = request.getRemoteUser();
        if(username == null || username.equals("")) return false; //No user logged in
        if(dbOversikt == null) dbOversikt = new DbOversikt(username); //Making sure that the class handling the database transactions is initiated
        if(dbOversikt != null && subjects == null) subjects = dbOversikt.getSubjects(); //Making sure subjects are fetched from database, if they are not already
        return true;   //Yes, a user is logged in

So, everything works correctly, just one display later then it should. I want all controls as the one mentioned above gone as soon as the user logs out. Any tips?
0
Comment
Question by:itnifl
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 6

Expert Comment

by:__geof__
ID: 34194498
In your logout method, you probably need to set the username to null or "".
0
 
LVL 10

Expert Comment

by:Hegemon
ID: 34195384
You can try getting session in the isLoggedIn() method.

If it is null, the user is logged out.
If not, call session.getCreationTime(). If it throws an IllegalStateException, the session is invalidated and the user is logged out. Otherwise proceed as you currently do.
0
 
LVL 2

Author Comment

by:itnifl
ID: 34199184
geof: I changed the logout method and set the username = ""; at the start of the merhod. It didn't help. It looks like the login page that I am directing to is getting rendered before the changes in the logout method occur/are registered.

Hegemon: Could you give me an example?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 10

Expert Comment

by:Hegemon
ID: 34199364
public boolean isLoggedIn() {
        ExternalContext external = FacesContext.getCurrentInstance().getExternalContext();
        HttpServletRequest request = (HttpServletRequest) external.getRequest();
        HttpSession session = request.getSession(false);
        if (session == null) return false;
        try {
            session.getCreationTime();      // Or any other call that will throw this exception
        } catch (IllegalStateException e) { // Thrown if the session is invalidated
           return false;
        }
0
 
LVL 2

Author Comment

by:itnifl
ID: 34202725
Thanks.
Still same problem :(
0
 
LVL 22

Accepted Solution

by:
mbonaci earned 2000 total points
ID: 34217007
Why don't you use request.isRequestedSessionIdValid() in isLoggedIn(), before getting username?
0
 
LVL 2

Author Closing Comment

by:itnifl
ID: 34218704
That did the trick! Thank you!
0

Featured Post

More Than Just A Video Library

Train for your certification. Learn the latest DevOps tools. Grow your skillset to do better work.

At Linux Academy, we release new training modules every week so you'll always be up to date on the latest tech.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For beginner Java programmers or at least those new to the Eclipse IDE, the following tutorial will show some (four) ways in which you can import your Java projects to your Eclipse workbench. Introduction While learning Java can be done with…
This was posted to the Netbeans forum a Feb, 2010 and I also sent it to Verisign. Who didn't help much in my struggles to get my application signed. ------------------------- Start The idea here is to target your cell phones with the correct…
Video by: Michael
Viewers learn about how to reduce the potential repetitiveness of coding in main by developing methods to perform specific tasks for their program. Additionally, objects are introduced for the purpose of learning how to call methods in Java. Define …
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question