with using invalidate you shouldnt get that message becacuse then invalidate is being done as last What is the stacktrace then?
this should tjust work: getSession().invalidate(); setResponsePage(com.eurekify.web.Login.class); On Sun, May 4, 2008 at 12:02 PM, Eyal Golan <[EMAIL PROTECTED]> wrote: > I tried the "normal" invalidate before and got the same exception. > I'm not sure I understood what you said about the constructor in your > other > reply. > > My scenario is like this: > The user will press the logout link, the session logs out and I redirect > to > the Login page. > > I had another solution like this: > public void onClick() { > PortalSession session = (PortalSession) getSession(); > session.setCredentials(null, "");//our own method > setResponsePage(com.eurekify.web.Login.class); > } > It worked, but the I could reenter the pages with the back button. > After checking invalidate, I found that it's better, but the I saw this > exception. > > > On Sun, May 4, 2008 at 12:48 PM, Johan Compagner <[EMAIL PROTECTED]> > wrote: > > > Why do you do invalidateNow? > > You want a new session for that next response page? > > It seems jetty does invalidate but doesnt give us a new one in the same > > request. > > Or wicket holds on to the http session object but i dont think we do > that. > > > > On 5/4/08, Eyal Golan <[EMAIL PROTECTED]> wrote: > > > Another question (mfs, if you don't mind). > > > I did the invalidate on a link: > > > Link logoutLink = new Link("logoutLink") { > > > private static final long serialVersionUID = 1L; > > > > > > @Override > > > public void onClick() { > > > getSession().invalidateNow(); > > > setResponsePage(com.eurekify.web.Login.class); > > > } > > > }; > > > > > > It works, but I get an IllegalState Exception: > > > 2008-05-04 11:49:06,625 ERROR [org.mortbay.log] - /eurekify/portal/: > > > java.lang.IllegalStateException > > > at > > > > > > org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916) > > > at > > > > > > com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41) > > > at > > > > > > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75) > > > at > > > > > > org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065) > > > at > > > > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365) > > > at > > > > > > org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185) > > > at > > > > org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) > > > at > > > > org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:689) > > > at > > org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:391) > > > at > > > > > > org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) > > > at > > > > org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) > > > at org.mortbay.jetty.Server.handle(Server.java:285) > > > at > > > > org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:457) > > > at > > > > > > org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:751) > > > at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:500) > > > at > org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:209) > > > at > org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:357) > > > at > > > > > > org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:329) > > > at > > > > > > org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475) > > > > > > Is there a way to eliminate this? > > > I tried to put a catch surrounding the invalidate, but it's no use. > > > > > > > > > thanks, > > > > > > > > > On Sun, May 4, 2008 at 10:00 AM, mfs <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > Looking for some follow up on this.. > > > > > > > > 1) Just wondering as to why isnt a constructor a good place to do > the > > > > redirection to an external url , ? > > > > 2) What should be the right place for it, given my use-case.. > > > > > > > > > > > > Would writing a LogoutFilter be a good option.. > > > > > > > > > > > > Thanks in advance.. > > > > > > > > > > > > > > > > > > > > Johan Compagner wrote: > > > > > > > > > > I think this usecase should be supported but isnt the best way, > you > > > > > should throw an AbortException when you want to redirect in the > > > > > constructor. Dont know from top of my head if we have one just for > > an > > > > > url but that is easily made > > > > > > > > > > On 4/30/08, mfs <[EMAIL PROTECTED]> wrote: > > > > >> > > > > >> Guys, > > > > >> > > > > >> I have a LogoutPage which does the following in its constructor > > > > >> > > > > >> LogoutPage() > > > > >> { > > > > >> getSession().invalidate(); > > > > >> > > > > >> // redirecting to the external app logout page > > > > >> RequestCycle.get().setRequestTarget( > > > > >> new RedirectRequestTarget(Host.getHttpsUrl() > > > > >> + xyz.getLogoutURL())); > > > > >> > > > > >> getRequestCycle().setRedirect(true); > > > > >> } > > > > >> > > > > >> Now, for some reasons the redirect to the specified external app > > page > > > > >> doesnt > > > > >> happen, infact i am taken to the session-expired page (which is > > because > > > > >> the > > > > >> request comes to wicket app, instead of redirection to this > > external > > > > app) > > > > >> . > > > > >> Let me add that i am using wiket-auth-roles for authorization... > > > > >> > > > > >> Also the reason i am doing this inside the Page itself (and not > in > > the > > > > >> onClick or some other event as suggested in another other thread) > > is > > > > >> because > > > > >> i need to expose this LogoutPage to an external app as well, > which > > will > > > > >> redirect to this page after invalidating the session....This part > > of > > > > >> Interoperability/SingleSignon Support. > > > > >> > > > > >> Thanks in advance. > > > > >> > > > > >> -- > > > > >> View this message in context: > > > > >> > > > > > > > > > > http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html > > > > >> Sent from the Wicket - User mailing list archive at Nabble.com. > > > > >> > > > > >> > > > > >> > > --------------------------------------------------------------------- > > > > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > >> For additional commands, e-mail: [EMAIL PROTECTED] > > > > >> > > > > >> > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > -- > > > > View this message in context: > > > > > > > > > > http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17043421.html > > > > Sent from the Wicket - User mailing list archive at Nabble.com. > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > -- > > > Eyal Golan > > > [EMAIL PROTECTED] > > > > > > Visit: http://jvdrums.sourceforge.net/ > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > -- > Eyal Golan > [EMAIL PROTECTED] > > Visit: http://jvdrums.sourceforge.net/ >