7 Replies Latest reply on Oct 27, 2006 2:48 PM by monkeyden

    Any way to invalidate a session?

    monkeyden

      Is there a way to explicitly invalidate a session, or at least clear it of all its attributes? I have a portal which is opening a new window to my seam application. There is a single sign on and the user is redirected to a search screen. The search results are persisting across different user logins, so they are apparently sharing the same session.

        • 1. Re: Any way to invalidate a session?
          gavin.king

          Call Seam.invalidateSession()

          • 2. Re: Any way to invalidate a session?
            monkeyden

            After reading the description for that method, it's not the ideal solution.

            • 3. Re: Any way to invalidate a session?
              gavin.king

              Well, I'm sorry, but invalidating the session in the middle of a request is just not possible, since Seam needs the session state at the end of the request.

              • 4. Re: Any way to invalidate a session?
                pmuir

                A different approach would be to not store the search results in the session context but in the PAGE or CONVERSATION scope

                • 5. Re: Any way to invalidate a session?
                  monkeyden

                  The containing bean is conversation scope. The search results are outjected using the @DataModel tag. If the reference remains in session, the same @DataModel list is displayed.

                  Would be nice to have Context.getAttributeNames, so I can clear everything out of there.

                  • 6. Re: Any way to invalidate a session?
                    pmuir

                    Perhaps I don't completely understand (as I don't use portlets) but that doesn't sound right to me. If you aren't propogating the conversation (s:link, h:commandLink, h:commandButton all do unless stopped using conversationPropogation) then your 'new window' (really a new window or is this a portal term?) won't have access to any other conversations so can't have data from a previous search.

                    • 7. Re: Any way to invalidate a session?
                      monkeyden

                      Using FF 1.5
                      --------------
                      1. User logs into the portal on server 1 (some portal platform I choose not to know much about).
                      2. User selects a link from the navigation panel which points to server 2 (Seam).
                      3. User does a search and gets back results
                      4. User goes back to the portal window, logs out and logs back in as a different user
                      5. User selects the same link in the navigation panel
                      6. Previous user's results are displayed.

                      I don't expect Seam to implicitly handle this, since it's 2 different sessions on two different servers. I'm just trying to clean it up in my code when it happens.