SessionListener sessionDestroyed 未调用 [英] SessionListener sessionDestroyed not called

问题描述

似乎我在 XPage 中遇到了 SessionListener 实现的障碍.创建会话时，侦听器将输出打印到日志中，因此我知道它已正确注册.但是，它不会在注销时调用 sessionDestroyed.是否需要执行任何特殊的 URL 重定向才能在注销后立即销毁 Domino/XPage 会话?如您所见，我已尝试清除作用域并清除 cookie，以试图触发 sessionDestroyed 方法.请注意，当我重新启动 http 服务器任务时， sessionDestroyed 确实会被调用，因此会话似乎可能会一直持续到不活动超时.

Seems I've run into a wall with the SessionListener implementation in XPages. The listener prints output to the log when a session is created, so I know its registered properly. However, it doesn't call sessionDestroyed upon logout. Is there any special URL redirect I need to perform to have the Domino / XPage session destroyed immediately upon logout? As you can see I've tried clearing scopes, and clearing cookies trying to get the sessionDestroyed method to fire. Note that sessionDestroyed does get called when I restart the http server task, so it seems the sessions might be lingering until the inactivity timeout.

开发服务器是:9.0.1(64位，在Win7本地运行)运行基于会话的身份验证单服务器(注意:我尝试了基本身份验证，同样的问题)

Dev Server is: 9.0.1 (64 bit, running locally on Win7) Running Session Based Authentication single server (note: I tried basic auth, same problem)

注销实用程序方法(由 SSJS 调用):

    public static void logout(){


    String url = XSPUtils.externalContext().getRequestContextPath() + "?logout&redirectto=" + externalContext().getRequestContextPath();
    XSPUtils.getRequest().getSession(false).invalidate();

    //wipe out the cookies
    for(Cookie cookie : getCookies()){
        cookie.setValue("");
        cookie.setPath("/");
        cookie.setMaxAge(0);
        XSPUtils.getResponse().addCookie(cookie);
    }

    try {
        XSPUtils.externalContext().redirect(url);
    } catch (IOException e) {
        logger.log(Level.SEVERE,null,e);
    }
}

简单的会话监听器:

public class MySessionListener implements SessionListener {

public void sessionCreated(ApplicationEx arg0, HttpSessionEvent event) {
    System.out.println("***sessionCreated***");

}

public void sessionDestroyed(ApplicationEx arg0, HttpSessionEvent event) {
    System.out.println("***sessionDestroyed***");
}

}

推荐答案

我们正在考虑将传统的 http 堆栈?logout"行为与 XPage 运行时会话管理层相结合.当前，会话会根据会话超时到期和/或 http 堆栈重新启动而被丢弃.如果您想强制删除会话并调用 SessionListener.sessionDestroyed，请参阅以下 XSP 片段 - 这同样适用于移植到 Java:

we're looking at coupling the traditional http stack "?logout" behavior with the XPages runtime session management layer. Currently, sessions are discarded based on the session timeout expiry and/or http stack restart. If you want to force session removal and have your SessionListener.sessionDestroyed invoked refer to the following XSP fragment - this is equally applicable for porting into Java:

<xp:button value="Logout" id="button2">
    <xp:eventHandler event="onclick" submit="true"
        refreshMode="complete">
        <xp:this.action>
            <![CDATA[#{javascript:
                // things we need...
                var externalContext = facesContext.getExternalContext();
                var request = externalContext.getRequest();
                var response = externalContext.getResponse();
                var currentContext = com.ibm.domino.xsp.module.nsf.NotesContext.getCurrent();
                var session = request.getSession(false);
                var sessionId = session.getId();

                // flush the cookies and invalidate the HTTP session...
                for(var cookie in request.getCookies()){
                    cookie.setValue("");
                    cookie.setPath("/");
                    cookie.setMaxAge(0);
                    response.addCookie(cookie);
                }
                session.invalidate();

                // now nuke the XSP session from RAM, then jump to logout...
                currentContext.getModule().removeSession(sessionId);
                externalContext.redirect("http://foo/bar.nsf?logout");
            }]]>
        </xp:this.action>
    </xp:eventHandler>
</xp:button>

这篇关于SessionListener sessionDestroyed 未调用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！