[英]Destroy SessionScoped CDI beans during Shiro logout
The problem is that the session scoped beans are not destroyed before the session-timeout is reached. 问题在于,在达到会话超时之前,不会破坏会话范围的Bean。
Therefore I have two questions regarding the following logout procedure: 因此,关于以下注销过程,我有两个问题:
page.xhtml: page.xhtml:
<p:commandLink ajax="false" actionListener="#{myOtherBean.logout}" />
beans: 豆子:
@Named @SessionScoped public class mySessionBean implements Serializable { } @Named @SessionScoped public class myOtherBean extends Observable implements Serializable { @Inject private Subject subject; public void logout(){ subject.logout(); // this line throws the exception FacesContext.getCurrentInstance().getExternalContext().invalidateSession(); FacesContext.getCurrentInstance().getExternalContext() .redirect(servlet.getContextPath() + "/logout"); } }
shiro.ini: shiro.ini:
[main] sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager securityManager.sessionManager = $sessionManager sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO securityManager.sessionManager.sessionDAO = $sessionDAO .... logout=org.apache.shiro.web.filter.authc.LogoutFilter logout.redirectUrl = /login.xhtml .... [urls] /logout = logout
Exception: 例外:
The following exception is thrown when I call FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
当我调用
FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
时,将引发以下异常FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
java.lang.IllegalStateException: org.apache.shiro.session.UnknownSessionException: There is no session with id [e5939658-c033-4e67-984f-23cadfbc06fb]
Additional information: I am running Wildfly 8.2.0.Final. 附加信息:我正在运行Wildfly 8.2.0.Final。
Thanks. 谢谢。
Here is the code I am using in my project to do this, perhaps it is because your bean is SessionScoped and mine is ViewScoped?: 这是我在项目中使用的代码,可能是因为您的bean是SessionScoped,而我的是ViewScoped ?:
@Named
@ViewScoped
public class Authenticator implements Serializable {
public void logout() {
SecurityUtils.getSubject().logout();
FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
FacesContext.getCurrentInstance().getExternalContext().redirect(LOGIN_URL);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.