[seam-issues] [JBoss JIRA] (SEAMFACES-239) @LoggedIn and @LoginView handler in conflict with navigation rule for identity.logout

Wed, 15 Feb 2012 11:29:59 -0800 

Miguel Z created SEAMFACES-239:
----------------------------------

             Summary: @LoggedIn and @LoginView handler in conflict with 
navigation rule for identity.logout
                 Key: SEAMFACES-239
                 URL: https://issues.jboss.org/browse/SEAMFACES-239
             Project: Seam Faces
          Issue Type: Bug
    Affects Versions: 3.1.0.Final
         Environment: Seam 3.1.0 Final + TomEE 1b2
            Reporter: Miguel Z


I have the following logout link:

<h:commandLink value="Logout" action="#{identity.logout}"/>

and the following navigation rule:

<navigation-rule>
  
        <from-view-id>*</from-view-id>

        <navigation-case>
            <from-action>#{identity.logout}</from-action>
            <to-view-id>/login.xhtml</to-view-id>
            <redirect/>
        </navigation-case>
       
  </navigation-rule>


In view config the pages where the logout link is displayed are annotated like 
e.g. home.xhtml

...
@ViewPattern("/home.xhtml")
@LoggedIn
@AccessDeniedView("/error.xhtml")
@LoginView("/login.xhtml")
HOME
...

When I click on the logout link it seems that the redirection to the login view 
is fired by the @LoggedIn handler AND NOT by the navigation rule. This causes 
the PreLoginEvent to be fired and the URL gets stored. 
After relogin I get the page from before logout reestablished like it should be 
in case of a session timeout etc. 

In case of a normal logout this should not happen which requires that the URL 
does not get stored.

My current workaround removes the URL in a (second) observer. Up to now it gets 
executed after the one in the LoginListener that puts the URL in the map (maybe 
other login events are more adequate):


public void onBeforeLogin(@Observes PreLoginEvent preLoginEvent) {
                
String PRE_LOGIN_URL = LoginListener.class.getName() + "_PRE_LOGIN_URL";
                
facesContext.getExternalContext().getSessionMap().remove(PRE_LOGIN_URL);
                
}


Conclusion: @LoggedIn should not be checked in case of normal logout 
(identity.logout action)


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        
_______________________________________________
seam-issues mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/seam-issues

Reply via email to