如何使 JSF 2.0 中的会话无效? [英] How to invalidate session in JSF 2.0?
问题描述
使 JSF 2.0 应用程序中的会话无效的最佳方法是什么?我知道 JSF 本身不处理会话.到目前为止,我可以找到
private void reset() {HttpSession session = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);session.invalidate();}- 这个方法正确吗?有没有不触碰的方法ServletAPI?
- 考虑这样一个场景,其中
@SessionScopedUserBean 处理用户的登录-注销.我在同一个 bean 中有这个方法.现在当我在完成必要的数据库后调用reset()方法时更新,我当前的会话作用域 bean 会发生什么?自从甚至 bean 本身也存储在HttpSession中?
首先,这个方法正确吗?有没有不接触ServletAPI的方法?
您可以使用ExternalContext#invalidateSession() 使会话无效,无需获取 Servlet API.
@ManagedBean@SessionScoped公共类用户管理器{私人用户当前;公共字符串注销(){FacesContext.getCurrentInstance().getExternalContext().invalidateSession();返回 "/home.xhtml?faces-redirect=true";}//...}<小时><块引用>
我当前的会话作用域 bean 会发生什么?因为即使是 bean 本身也存储在 HttpSession 中?
它仍然可以在当前响应中访问,但在下一个请求中将不再存在.因此,在无效后触发重定向(新请求)很重要,否则您仍会显示来自旧会话的数据.重定向可以通过在结果中添加 faces-redirect=true 来完成,就像我在上面的例子中所做的那样.另一种发送重定向的方法是使用 ExternalContext#redirect().
public void logout() 抛出 IOException {ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext();ec.invalidateSession();ec.redirect(ec.getRequestContextPath() + "/home.xhtml");}但是在这种情况下它的使用是有问题的,因为使用导航结果更简单.
What is the best possible way to invalidate session within a JSF 2.0 application? I know JSF itself does not handle session. So far I could find
private void reset() {
HttpSession session = (HttpSession) FacesContext.getCurrentInstance()
.getExternalContext().getSession(false);
session.invalidate();
}
- Is this method correct? Is there a way without touching the ServletAPI?
- Consider a scenario wherein a
@SessionScopedUserBean handles the login-logout of a user. I have this method in the same bean. Now when I call thereset()method after I'm done with necessary DB updates, what will happen to my current session scoped bean? since even the bean itself is stored inHttpSession?
Firstly, is this method correct? Is there a way without touching the ServletAPI?
You can use ExternalContext#invalidateSession() to invalidate the session without the need to grab the Servlet API.
@ManagedBean
@SessionScoped
public class UserManager {
private User current;
public String logout() {
FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
return "/home.xhtml?faces-redirect=true";
}
// ...
}
what will happen to my current session scoped bean? since even the bean itself is stored in HttpSession?
It will still be accessible in the current response, but it will not be there anymore in the next request. Thus it's important that a redirect (a new request) is fired after invalidate, otherwise you're still displaying data from the old session. A redirect can be done by adding faces-redirect=true to the outcome, as I did in the above example. Another way of sending a redirect is using ExternalContext#redirect().
public void logout() throws IOException {
ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext();
ec.invalidateSession();
ec.redirect(ec.getRequestContextPath() + "/home.xhtml");
}
Its use is however questionable in this context as using a navigation outcome is simpler.
这篇关于如何使 JSF 2.0 中的会话无效?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
