Wednesday, February 21, 2007

ADF: Invalidating Web session in Apache Tomcat based container

I saw a lot of posts in the JDeveloper Forum on IllegalStateException exception while trying to call HttpSession.invalide() in the application deployed to Apache Tomcat based J2EE containers. I also had this problem and recently found a solution - try to call

ADFContext.getCurrent().removeScope(ADFContext.SESSION_SCOPE);


right before calling HttpSession.invalide().

4 comments:

Matt said...

Thankyou.

This also seems to do the trick on a 10.1.2 OAS.

I also found that to achieve redirection after logout I needed to pass a JSF navigation action back rather than using response.sendRedirect("myhomepage.jspx")

Ing. Hernán Guaymás said...

ERES UN GENIO!!!, ESTUVE DOS DIAS ENTEROS BUSCANDO UNA SOLUCION A ESE PROBLEMA. NI SIQUIERA LOS ACES DE ORACLE PUDIERON AYUDARME. GRACIAS!!!!

Clément said...

Hi,
I try your solution but it doesn't work : This is my logout fuction :

public String logout() {
FacesContext ctx = FacesContext.getCurrentInstance();
ExternalContext ectx = ctx.getExternalContext();

HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
HttpSession session = (HttpSession)ectx.getSession(false);
ControllerContext cc = ControllerContext.getInstance();
String logoutUrl = cc.getGlobalViewActivityURL("carrusLogin");
ADFContext.getCurrent().removeScope(ADFContext.SESSION_SCOPE);

session.invalidate();
ctx.responseComplete();
try { response.sendRedirect(logoutUrl);
} catch (IOException e) {
e.printStackTrace();
}

return null;
}

Clément said...

Hi,
I try your solution but it doesn't work : This is my logout fuction :

public String logout() {
FacesContext ctx = FacesContext.getCurrentInstance();
ExternalContext ectx = ctx.getExternalContext();

HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
HttpSession session = (HttpSession)ectx.getSession(false);
ControllerContext cc = ControllerContext.getInstance();
String logoutUrl = cc.getGlobalViewActivityURL("carrusLogin");
ADFContext.getCurrent().removeScope(ADFContext.SESSION_SCOPE);

session.invalidate();
ctx.responseComplete();
try { response.sendRedirect(logoutUrl);
} catch (IOException e) {
e.printStackTrace();
}

return null;
}