Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Remote Application Platform (RAP) » Logout Action
Logout Action [message #110902] Thu, 30 October 2008 16:54 Go to next message
John Lowe is currently offline John LoweFriend
Messages: 2
Registered: July 2009
Junior Member
Hi,
I'm trying to create an Action to logout of our application, and believe I
am having difficulties with session management. We hosting our
application from Tomcat using "form" based authentication. At the moment
the action is redirecting and invalidating the session:

public void run() {
final HttpSession session = RWT.getSessionStore().getHttpSession();
final HttpServletRequest request = RWT.getRequest();
final HttpServletResponse response = RWT.getResponse();

if (PlatformUI.getWorkbench().close()) {
// Redirect the user to the login screen
try {
response.sendRedirect(request.getContextPath());
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

// Invalidate can not be called on the event processing thread...
new Thread() {
public void run() {
session.invalidate();
}
}.start();
}
}

When the action executes the application is redirected to our login page,
but it seems the RAP is still running, we get the following message
inserted into our login screen:

Could not evaluate javascript response:

SyntaxError: XML tag name mismatch (expected meta)

My question(s) are:
1) Is this the best/correct/prefered way to "logout" of a RAP application,
and
2) What can be done to eliminate to error message?

(It would be nice if there was a helper method in RWT do just do this....)

Thanks
-John
Re: Logout Action [message #110934 is a reply to message #110902] Fri, 31 October 2008 08:18 Go to previous messageGo to next message
Stefan   is currently offline Stefan Friend
Messages: 316
Registered: July 2009
Senior Member
Hi John,

we use the following construct for the same purpose and it works pretty
well:

final String browserText =
MessageFormat.format("parent.window.location.href = \"{0}\";",
urlToLoginPage); //$NON-NLS-1$

// Destroy the session immediately if the user explicitly logs out.
// This automatically leads to Workbench.close (see ShutdownHandler in
// Workbench.java)

RWT.getRequest().getSession().setMaxInactiveInterval(1);

// Use a Phaselistener to write the redirect to the response. Using a
// Browser-Widget
// didn't work reliable, as a subsequent request from the browser ended
// in a new session
// on the server side. The server returned an empty response which lead
// to a
// "Request failed: Status code 0" error in the Browser.

final Display display = Display.getCurrent();
RWT.getLifeCycle().addPhaseListener(new PhaseListener(){
private static final long serialVersionUID = 1L;

public void afterPhase(PhaseEvent event){
// It is important to use afterPhase to let all other statements be
//parsed.
// Otherwise, disabling the exit dialog confirmation doesn't work.
if (display == Display.getCurrent()) {
try {
final HtmlResponseWriter writer =
ContextProvider.getStateInfo().getResponseWriter();
writer.write(browserText);
} catch (IOException e) {
e.printStackTrace();
} finally {
RWT.getLifeCycle().removePhaseListener(this);
}
}
}

public void beforePhase(PhaseEvent event){
}

public PhaseId getPhaseId(){
return PhaseId.RENDER;
}
});

Some kind of support for this use case by RAP would be really nice,
because this solution is really a hack...

Hope that helps,
Stefan.


John Lowe schrieb:
> Hi,
> I'm trying to create an Action to logout of our application, and believe
> I am having difficulties with session management. We hosting our
> application from Tomcat using "form" based authentication. At the moment
> the action is redirecting and invalidating the session:
>
> public void run() {
> final HttpSession session = RWT.getSessionStore().getHttpSession();
> final HttpServletRequest request = RWT.getRequest();
> final HttpServletResponse response = RWT.getResponse();
>
> if (PlatformUI.getWorkbench().close()) {
> // Redirect the user to the login screen
> try {
> response.sendRedirect(request.getContextPath());
> } catch (IOException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> }
>
> // Invalidate can not be called on the event processing thread...
> new Thread() {
> public void run() {
> session.invalidate();
> }
> }.start();
> }
> }
>
> When the action executes the application is redirected to our login
> page, but it seems the RAP is still running, we get the following
> message inserted into our login screen:
>
> Could not evaluate javascript response:
>
> SyntaxError: XML tag name mismatch (expected meta)
>
> My question(s) are:
> 1) Is this the best/correct/prefered way to "logout" of a RAP
> application, and
> 2) What can be done to eliminate to error message?
>
> (It would be nice if there was a helper method in RWT do just do this....)
>
> Thanks
> -John
>
Re: Logout Action [message #111029 is a reply to message #110934] Fri, 31 October 2008 22:38 Go to previous messageGo to next message
John Lowe is currently offline John LoweFriend
Messages: 2
Registered: July 2009
Junior Member
Stefan,

Thanks for your reply, interesting idea. Unfortunately it didn't work for
me. It doesn't log out of the application, the app is just reloaded. I
tried some other things, like calling invalidate in a separate thread, and
adding a delay after the setMaxInactiveInterval(). Both result in the
behavior I had before.

I surprised no one else is having this issue, how to other people logout
of their applications? I noticed some people don't use container managed
authentication and implement the password facility around IEntryPoint. We
would prefer not to do that.

Thanks again,
-John
Re: Logout Action [message #111155 is a reply to message #111029] Mon, 03 November 2008 12:07 Go to previous messageGo to next message
Stefan   is currently offline Stefan Friend
Messages: 316
Registered: July 2009
Senior Member
Hi John,

the difference propbably is, that we redirect to a special servlet
(outside of RAP) which provides the static login page. The session
invalidation then can happen asynchronously in the background (done by
servlet engine).

Stefan.

John Lowe schrieb:
> Stefan,
>
> Thanks for your reply, interesting idea. Unfortunately it didn't work
> for me. It doesn't log out of the application, the app is just
> reloaded. I tried some other things, like calling invalidate in a
> separate thread, and adding a delay after the setMaxInactiveInterval().
> Both result in the behavior I had before.
>
> I surprised no one else is having this issue, how to other people logout
> of their applications? I noticed some people don't use container
> managed authentication and implement the password facility around
> IEntryPoint. We would prefer not to do that.
>
> Thanks again,
> -John
>
Re: Logout Action [message #780656 is a reply to message #111155] Wed, 18 January 2012 22:02 Go to previous messageGo to next message
Ronald So is currently offline Ronald SoFriend
Messages: 198
Registered: April 2011
Senior Member
This thread is old but I want to write what works for me. I am using RAP 1.5 M3. I called the following method when user clicks the Log Out button.

        private void performLogout() {
		RWT.getRequest().getSession().setMaxInactiveInterval(1);

		final HttpSession session = RWT.getSessionStore().getHttpSession();
		new Thread() {
			public void run() {
				session.invalidate();
			}
		}.start();

		// Note: JSExecutor access is discouraged for RAP 1.5M3. This warning
		// should go away once we upgrade to RAP 1.5M4.
		String defaultUrl = MessageFormat.format(
				"{0}://{1}:{2}{3}",
				new Object[] { RWT.getRequest().getScheme(),
						RWT.getRequest().getLocalName(),
						Integer.toString(RWT.getRequest().getLocalPort()),
						RWT.getRequest().getRequestURI() });

		System.out.println("Default URL: " + defaultUrl);
		String browserText = MessageFormat.format(
				"parent.window.location.href = \"{0}\";", defaultUrl);
		JSExecutor.executeJS(browserText);
	}
Re: Logout Action [message #1090104 is a reply to message #780656] Mon, 19 August 2013 18:12 Go to previous message
Jürgen  ilian is currently offline Jürgen ilianFriend
Messages: 3
Registered: July 2009
Junior Member
The version of Ronald used to work until the recent past. With newer versions of RAP I received occasiaonally "session already invalidated" errors.
Adding a timeout on the client side fixed the issue. This version worked with RAP2.0
void logout(){

  RWT.getRequest().getSession().setMaxInactiveInterval(1);
  String defaultUrl = MessageFormat.format(
				"{0}://{1}:{2}{3}",
				new Object[] { RWT.getRequest().getScheme(),
						RWT.getRequest().getLocalName(),
			    Integer.toString(RWT.getRequest().getLocalPort()),
						RWT.getRequest().getRequestURI() });
     System.out.println("Default URL: " + defaultUrl);
     String browserText = MessageFormat.format(
				"parent.window.location.href = \"{0}\";", defaultUrl);
    JavaScriptExecutor executor = RWT.getClient().getService( JavaScriptExecutor.class );

    // make sure that the session is invalid before opening it again
    executor.execute( "setTimeout('"+browserText+"',1000)" );
}

[Updated on: Mon, 19 August 2013 18:15]

Report message to a moderator

Previous Topic:How to set the text in table or tree cell to wrap?
Next Topic:ckeditor Custom Widget example - JS unpacked
Goto Forum:
  


Current Time: Tue Dec 23 03:12:44 GMT 2014

Powered by FUDForum. Page generated in 0.02100 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software