Uploaded image for project: 'Seam Faces'
  1. Seam Faces
  2. SEAMFACES-239

@LoggedIn and @LoginView handler in conflict with navigation rule for identity.logout

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.1.0.Final
    • Fix Version/s: None
    • Component/s: None
    • Environment:

      Seam 3.1.0 Final + TomEE 1b2

      Description

      I have the following logout link:

      <h:commandLink value="Logout" action="#

      {identity.logout}"/>

      and the following navigation rule:

      <navigation-rule>

      <from-view-id>*</from-view-id>

      <navigation-case>
      <from-action>#{identity.logout}

      </from-action>
      <to-view-id>/login.xhtml</to-view-id>
      <redirect/>
      </navigation-case>

      </navigation-rule>

      In view config the pages where the logout link is displayed are annotated like e.g. home.xhtml

      ...
      @ViewPattern("/home.xhtml")
      @LoggedIn
      @AccessDeniedView("/error.xhtml")
      @LoginView("/login.xhtml")
      HOME
      ...

      When I click on the logout link it seems that the redirection to the login view is fired by the @LoggedIn handler AND NOT by the navigation rule. This causes the PreLoginEvent to be fired and the URL gets stored.
      After relogin I get the page from before logout reestablished like it should be in case of a session timeout etc.

      In case of a normal logout this should not happen which requires that the URL does not get stored.

      My current workaround removes the URL in a (second) observer. Up to now it gets executed after the one in the LoginListener that puts the URL in the map (maybe other login events are more adequate):

      public void onBeforeLogin(@Observes PreLoginEvent preLoginEvent)

      { String PRE_LOGIN_URL = LoginListener.class.getName() + "_PRE_LOGIN_URL"; facesContext.getExternalContext().getSessionMap().remove(PRE_LOGIN_URL); }

      Conclusion: @LoggedIn should not be checked in case of normal logout (identity.logout action)

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                miguelzp Miguel Z
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: