使用CDI + JSF使会话无效 [英] Invalidating session with CDI+JSF not working
问题描述
我试图在我的应用程序中实现注销,所以我这样做了:
I'm trying to implement a logout in my application, so I made this:
public String logout(){
try{
FacesContext facesContext = FacesContext.getCurrentInstance();
ExternalContext ex = facesContext .getExternalContext();
ex.invalidateSession();
return "success";
}catch(Exception e){
return "error";
}
}
但是当我检查用户是否登录时,它说是:
But when I check if the user is logged, it says yes:
public class AuthenticateListener implements PhaseListener {
@Override
public void afterPhase(PhaseEvent event) {
AuthorizedUser authorized = (AuthorizedUser) Util.getHandler("authorized");
if (authorized.getUser() == null) {
System.out.println("Not Logged");
} else {
System.out.println("Logged");
}
}
@Override
public void beforePhase(PhaseEvent event) {
// TODO Auto-generated method stub
}
@Override
public PhaseId getPhaseId() {
return PhaseId.RESTORE_VIEW;
}
}
我错过了什么吗?使会话无效后,是否应该获取新的AuthorizedUser(sessionScoped)实例?
Am I missing something? Shouldn't I get a new instance of AuthorizedUser (sessionScoped) after invalidating my session?
编辑:如果有人需要,则添加getHandler;)
Adding the getHandler, if someone needs it ;)
public static Object getHandler(String handlerName) {
FacesContext facesContext = FacesContext.getCurrentInstance();
ELContext elContext = facesContext.getELContext();
ELResolver resolver = facesContext.getApplication().getELResolver();
Object uh = resolver.getValue(elContext, null, handlerName);
return uh;
}
推荐答案
该会话仍可在当前的请求-响应。在下一个请求中不再可用。您需要在无效之后发送重定向,以便指示浏览器在给定的URL上发送新请求。
The session is still available in the current request-response. It's not available anymore in the next request. You need to send a redirect after the invalidate so that the browser will be instructed to send a new request on the given URL.
return "success?faces-redirect=true";
或者如果您仍在使用老式导航箱(返回值即表明这一点;有一个视图很奇怪文件名 success),然后将< redirect />
添加到导航用例中。
Or if you're still using old fashioned navigation cases (the return values namely suggests that; it's strange to have a view with filename "success"), then add <redirect/>
to the navigation case instead.
如果仍然没有没有用,那么问题就在于您如何在会话中存储用户。例如,它实际上存储在应用程序范围内,当您混合使用CDI @Named
与JSF @SessionScoped
,或者当您将登录用户分配为静态变量而不是实例变量。
If that still doesn't work, then the bug is in how you're storing the user in session. For example, it's instead actually been stored in the application scope which may happen when you mix CDI @Named
with JSF @SessionScoped
, or when you assigned the logged-in user as a static variable instead of an instance variable.
- How to invalidate session in JSF 2.0?
- Performing user authentication in Java EE / JSF using j_security_check
这篇关于使用CDI + JSF使会话无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!