• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Log out method is not closing the session
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Log out method is not closing the session

  • Subject: Re: Log out method is not closing the session
  • From: Timo Hoepfner <email@hidden>
  • Date: Tue, 23 Jun 2009 14:01:59 +0200
Depends on the app. If your start page is a login page, you should make sure it doesn't create a session, until login succeeded.

E.g. don't use WOSubmitButton, use a regular input type="submit" instead and use a directAction on the surrounding WOForm. Then you set the name on the inputs explicitly and retrieve the formValues in the directAction and handle the login. E.g.:

public WOActionResults loginAction() {
	String userName = request().stringFormValueForKey("login");
	String password = request().stringFormValueForKey("password");

try {
if (ERXStringUtilities.stringIsNullOrEmpty(userName) || ERXStringUtilities.stringIsNullOrEmpty(password))
throw new IllegalArgumentException();

EOEditingContext ec = ERXEC.newEditingContext();
User user = User.fetchRequiredUser(ec, User.LOGIN.is(userName).and(User.PASSWORD.is(password)));

		// you won't get here if there is no such user/password combination
		Session session = (Session) session(); // creates the session
		session.setDefaultEditingContext(ec);
		session.setUser(user);

		HomePage homePage = pageWithName(HomePage.class);
		return homePage;
	} catch (IllegalArgumentException e) {
		// user or password empty
		return handleLoginFailure(...);
	} catch (NoSuchElementException e) {
		// no such user/password combination
		return handleLoginFailure(...);
	} catch (Exception e) {
		// everything else
		return handleLoginFailure(...);
	}
}

Am 23.06.2009 um 13:05 schrieb Gustavo Adolfo Pizano:

aha.. so I should not redirect to main but another  page?

G.


On Jun 23, 2009, at 12:58 PM, Timo Hoepfner wrote:

Chances are that the session gets terminated, but your main/start page immediately creates a new one... Usage of certain common components creates a new session if there is none.

Timo


Am 23.06.2009 um 10:55 schrieb Gustavo Adolfo Pizano:

Hello.

I followed they way PWO says how to handle log out, I created a method Logout that it;s being called from a WOHyperLink, there I do the follwoing
public WOComponent logout()
{
session().terminate();
WORedirect mainPage = (WORedirect) pageWithName("WORedirect");
mainPage.setUrl(context().directActionURLForActionNamed("default", noWOSID));
return mainPage;
}

I get redirected to the login page, but javaMonitor shows me that the Session its still active.


what Im doing wrong?

G.

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Log out method is not closing the session (From: Gustavo Adolfo Pizano <email@hidden>)


 >Re: Log out method is not closing the session (From: Timo Hoepfner <email@hidden>)


 >Re: Log out method is not closing the session (From: Gustavo Adolfo Pizano <email@hidden>)






    

  • Prev by Date:
Thank you WebObjects + community

    • 

  • Next by Date:
Re: Security Issue for Hudson

    • 

  • Previous by thread:
Re: Log out method is not closing the session

    • 

  • Next by thread:
Thank you WebObjects + community

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •