> Session Handling (especial Firefox): > What i have to do at a logout? invalidate session? clear all session beans > (scope=session)? On login i have to check if a user is already logged in at > this browser instance?
Invalidate the HttpSession to delete the user's session and thereby lose all data about the user. If you are using form based authentication, this will also log them out. > Navigation: > How is it possible that e.g. only jsp A can forward/redirect to jsp B? so > that jsp B can never called as e.g. > http://www.abc:8023/MyApplication/jsp/jspB.jsp but only from jsp A. Use a backing bean with an action and have on-load code redirect the user back to page A if a flag in the backing bean is not set public class A { public boolean okayToGoToB = false; public String goToB() { okayToGoToB = true; return "go-to-b"; // use navigation rule on action outcome "go-to-b" } } Using jsf-comp onload, jboss-seam pages page action or shale, setup an action to run when the user loads page b that checks to see if "A.okayToGoToB" is true. -Andrew > > best regards > > -- > View this message in context: > http://www.nabble.com/Session-Handling-and-Navigation-Questions-tf4236035.html#a12052276 > Sent from the MyFaces - Users mailing list archive at Nabble.com. > >
