1 Reply Latest reply on Nov 3, 2006 12:20 AM by Sriraman Gopalan

    Problem with seam and session invalidation.

    Sriraman Gopalan Newbie

      Hi All,

      From a secured page, I am trying to logout a user by providing a Logout Button

      <h:commandButton id="logout" value="Logout" action="#{logoutAction.logout}"></h:commandButton>
      


      The logoutAction Managed Bean is configured as follows in the faces-config.xml:
      <managed-bean>
      <managed-bean-name>logoutAction</managed-bean-name>
      <managed-bean-class>managedbeans.LogoutAction</managed-bean-class>
      <managed-bean-scope>session</managed-bean-scope>
      </managed-bean>
      


      Inside the logout method, following is the code:

      public String logout(){
      String result ="reLogin";
      HttpServletRequest request= (HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest();
      Principal userPrincipal = request.getUserPrincipal();
      String userName = userPrincipal.getName();
      System.out.println("Current Logged In user is :" + userName) ;
      HttpSession session = (HttpSession)FacesContext.getCurrentInstance().getExternalContext().getSession(false);
      session.invalidate();
      return result;
      }
      


      The navigation rule for the result "reLogin" is configured as follows in faces-config.xml:

      <navigation-case>
      <from-outcome>reLogin</from-outcome>
      <to-view-id>/TestLogout.jsp</to-view-id>
      <redirect />
      </navigation-case>
      


      The application is configured for FORM authentication as follows:

      <error-page>
      <error-code>400</error-code>
      <error-code>404</error-code>
      <location>/index.jsp</location>
      </error-page>
      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Whole site</web-resource-name>
      <url-pattern>/secure/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
      <role-name>*</role-name>
      </auth-constraint>
      <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
      </security-constraint>
      
      
      <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>MyDomain</realm-name>
      
      <form-login-config>
      <form-login-page>/Login.seam</form-login-page>
      <form-error-page>/authorization-error.seam</form-error-page>
      </form-login-config>
      
      </login-config>
      



      However, on clicking on the Logout button from the secured page, I get the following error:

      2006-11-02 16:58:44,253 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/kr-intWeb].[Faces Servlet]] Servlet.service() for servlet Faces Servlet threw exception
      java.lang.IllegalStateException: No active application scope
      at org.jboss.seam.core.Init.instance(Init.java:48)
      at org.jboss.seam.jsf.SeamNavigationHandler.handleNavigation(SeamNavigationHandler.java:29)
      at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:84)
      at javax.faces.component.UICommand.broadcast(UICommand.java:106)
      at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:94)
      at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:168)
      at org.apache.myfaces.lifecycle.LifecycleImpl.invokeApplication(LifecycleImpl.java:343)
      at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:86)
      at javax.faces.webapp.FacesServlet.service(FacesServlet.java:137)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
      at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
      at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
      at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
      at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
      at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
      at java.lang.Thread.run(Thread.java:595)


      Please Help.

      regards
      Sriraman.