Do you use basic http security to logon? Or form based security?
If you use basic security this is normal as the browser log you an again after logout automatically. Use form based security and it should work.
I am using form based security.
In the projest I build we just placed af:goLink element and specified text property to Logout and "destination" property to /adfAuthentication?logout=true&end_url=/faces/login.jspx
"So after logout, if we login back with a different login, we observe that some of the field values of the SessionScopeBean is coming from pervious session."
As this is a session bean it goes away all or nothing. So it sound strange if only some values remain. Note that instead of navigating to the login.jspx page after logout you shouldnavigate to a page that is protected either by a security constraint in web.xml or using ADF Security. This way the authentication servlet redirects to the login page. Its important for container managed authentication that the container navigates to the login page and not the application (unless you perform programmatic authentication - which then would not be form based but basic).
In following code I changed the end_url to a ADF security protected page.
String url = ectx.getRequestContextPath() +
So after logout, I am redirected to login page eventually, but this problem is not resolved. I can still see values of previous session. Is there anything else I can check to ascertain, eviction of Session bean?
Also, in my previous projects, login page was not a part of adfc-config.xml, and there was no such problem in those projects.
In this project I have created login.jspx and logout.jspx a part of adfc-config.xml, is there any possibility that this might be causing this issue?