I tried to do login and logout method refer this article http://www.itcuties.com/j2ee/jsf-2-login-filter-example/ Login method is fine but logout doesn't work!
LoginBean.java
@ManagedBean
@SessionScoped
public class LoginBean implements Serializable {
@EJB
private UsersFacadeLocal usersFacade;
public LoginBean() {
}
//
public String doLogin() {
String redirect = "";
if (usersFacade.loginUser(email, password)) {
loggedIn = true;
redirect = navigationBean.redirectToMain();
} else {
FacesContext facesContext = FacesContext.getCurrentInstance();
facesContext.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_WARN, "Username or password is incorrect", null));
redirect = navigationBean.redirectToLogin();
}
return redirect;
}
//
public String doLogout() {
ExternalContext ectx = FacesContext.getCurrentInstance().getExternalContext();
HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
HttpSession session = (HttpSession)ectx.getSession(false);
session.invalidate();
loggedIn = false;
return navigationBean.redirectToLogin();
}
//
private String email;
private String password;
private boolean loggedIn;
@ManagedProperty(value = "#{navigationBean}")
private NavigationBean navigationBean;
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public boolean isLoggedIn() {
return loggedIn;
}
public void setLoggedIn(boolean loggedIn) {
this.loggedIn = loggedIn;
}
public NavigationBean getNavigationBean() {
return navigationBean;
}
public void setNavigationBean(NavigationBean navigationBean) {
this.navigationBean = navigationBean;
}
}
LoginFilter.java
public class LoginFilter implements Filter{
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
LoginBean session = (LoginBean)req.getSession().getAttribute("loginBean");
String url = req.getRequestURI();
if(session == null || session.isLoggedIn() == false)
{
if(!url.equals("/login.xhtml"))
{
res.sendRedirect(req.getContextPath() + "/login.xhtml");
}
res.sendRedirect(req.getContextPath() + "/login.xhtml");
}
else
{
chain.doFilter(request, response);
}
}
@Override
public void destroy() {
}
Web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>ejb.DAO.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/faces/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>faces/main.xhtml</welcome-file>
</welcome-file-list>
</web-app>
After logged in, when I click logout button it's redirect to login page. but when I copy and paste the main page url to a new tab in browser the session is still there.
Any suggestion. Thanks in advance
