[OmniFaces utilities] The
invalidateSession() method invalidates the current HTTP session. So, any subsequent HTTP request will get a new one when necessary.Method:
See also: Faces#getContext()
Usage:
import
org.omnifaces.util.Faces;
...
// before
invalidate the session session ID may be: XY4i-kp_0NIDotbQaugGaM3P
String
sessionId = Faces.getSessionId();
//
invalidate the session
Faces.invalidateSession();
// after
invalidate the session, Faces#getSessionId() will return null
String
sessionId = Faces.getSessionId();
Note that
the user principal is still present in the response of the current request,
it's therefore recommend to send a redirect after #logout() or #invalidateSession().
You can use #redirect(String,String...) for this:
Faces.invalidateSession();
Faces.redirect(...); // throw IOException
Niciun comentariu:
Trimiteți un comentariu