0 Replies Latest reply on Jul 28, 2006 11:17 AM by George Papas

    sessionDestroyed && home.create

    George Papas Newbie

      I've got a problem logging out the currently logged on user. I have a javax.servlet.http.HttpSessionListener in my web application, declared as


      <listener-class>my.SessionCounter</listener-class>


      in web.xml

      Inside the sessionDestroyed event handler I call this code:
      public void sessionDestroyed(HttpSessionEvent se) {
      if (activeSessions > 0)
      activeSessions--;

      try {
      MyServiceLocal iface = BeanLocator.getInstance().getMyService();

      if (iface!=null)
      iface.logoutCurrentUser( (String)se.getSession().getAttribute("my.current.user") );

      } catch (Exception ex) {
      System.out.println("XTYPHSE PALI TO MPOYRDELO! " + ex.getClass().getName());

      }

      }


      I have an error "javax.ejb.AccessLocalException" in the line:
      MyServiceLocal iface = BeanLocator.getInstance().getMyService();

      The error fires when home.create() is called:
      public MyServiceLocal getMyService() {
      try {
      home = (MyServiceLocalHome) ctx.lookup("my.jndiName");

      //home is ok here, but calling create() will throw an AccessLocalException
      return home.create();
      } catch (...) {...}
      }

      The interface for the bean "MyService" is generated with option @ejb.permission view-type="all" unchecked="true"

      The security domain is defined ("myApp" in jboss-web.xml and in jboss.xml)

      My login-config.xml contains the following:
      <application-policy name = "myApp">

      <login-module code = "my.login.MyLoginModule" flag = "required">
      <module-option name="unauthenticatedIdentity">nobody</module-option>
      </login-module>

      <!-- Add this line to your login-config.xml to include the ClientLoginModule propogation -->
      <login-module code="org.jboss.security.ClientLoginModule" flag="required">
      <module-option name="unauthenticatedIdentity">nobody</module-option>
      </login-module>

      </application-policy>


      What is the problem? How can I logout the user (ie mark the user "clean" in the database), ON session destroy?

      Any help will be much appreciated