This discussion is archived
5 Replies Latest reply: Sep 2, 2013 3:30 AM by ParagAwadhiya RSS

Logout not working on ADF 11.1.1.7

ParagAwadhiya Newbie
Currently Being Moderated

Hi,

 

Following method is registered as a method action inside adfc-config.xml:

 

  public void performLogout() {

      FacesContext fctx = FacesContext.getCurrentInstance();

        ExternalContext ectx = fctx.getExternalContext();

        String url = ectx.getRequestContextPath() +

                   "/adfAuthentication?logout=true&end_url=/faces/login";

      HttpSession session = (HttpSession)ectx.getSession(false);

      session.invalidate();

        try {

          ectx.redirect(url);

        } catch (IOException e) {

          e.printStackTrace();

        }

        fctx.responseComplete();       

    }

 

We have created a session scope bean where in we keep some user related information such as his name. So after logout, if we login back with a different login, we observe that some of the field values of the SessionScopeBean is coming from pervious session.

Please let us know, if we are missing on anything.

  • 1. Re: Logout not working on ADF 11.1.1.7
    Timo Hahn Oracle ACE
    Currently Being Moderated

    Do you use basic http security to logon? Or form based security?

    If you use basic security this is normal as the browser log you an again after logout automatically. Use form based security and it should work.

     

    Timo

  • 2. Re: Logout not working on ADF 11.1.1.7
    ParagAwadhiya Newbie
    Currently Being Moderated

    I am using form based security.

  • 3. Re: Logout not working on ADF 11.1.1.7
    Michael Shapira Explorer
    Currently Being Moderated

    In the projest I build we just placed af:goLink  element and specified text property to Logout and "destination" property to /adfAuthentication?logout=true&end_url=/faces/login.jspx

  • 4. Re: Logout not working on ADF 11.1.1.7
    Frank Nimphius Employee ACE
    Currently Being Moderated

    Hi,

     

    "So after logout, if we login back with a different login, we observe that some of the field values of the SessionScopeBean is coming from pervious session."

     

    As this is a session bean it goes away all or nothing. So it sound strange if only some values remain. Note that instead of navigating to the login.jspx page after logout you shouldnavigate to a page that is protected either by a security constraint in web.xml or using ADF Security. This way the authentication servlet redirects to the login page. Its important for container managed authentication that the container navigates to the login page and not the application (unless you perform programmatic authentication - which then would not be form based but basic).

     

    Frank

  • 5. Re: Logout not working on ADF 11.1.1.7
    ParagAwadhiya Newbie
    Currently Being Moderated

    Hi Frank,

     

    In following code I changed the end_url to a ADF security protected page.

     

    String url = ectx.getRequestContextPath() +

                       "/adfAuthentication?logout=true&end_url=/faces/welcome"

     

    So after logout, I am redirected to login page eventually, but this problem is not resolved. I can still see values of previous session. Is there anything else I can check to ascertain, eviction of Session bean?

     

    Also, in my previous projects, login page was not a part of adfc-config.xml, and there was no such problem in those projects.

     

    In this project I have created login.jspx and logout.jspx a part of adfc-config.xml, is there any possibility that this might be causing this issue?

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points