with using invalidate you shouldnt get that message
becacuse then invalidate is being done as last
What is the stacktrace then?
this should tjust work:
getSession().invalidate();
setResponsePage(com.eurekify.web.Login.class);
On Sun, May 4, 2008 at 12:02 PM, Eyal Golan <[EMAIL PROTECTED]> wrote:
> I tried the "normal" invalidate before and got the same exception.
> I'm not sure I understood what you said about the constructor in your
> other
> reply.
>
> My scenario is like this:
> The user will press the logout link, the session logs out and I redirect
> to
> the Login page.
>
> I had another solution like this:
> public void onClick() {
> PortalSession session = (PortalSession) getSession();
> session.setCredentials(null, "");//our own method
> setResponsePage(com.eurekify.web.Login.class);
> }
> It worked, but the I could reenter the pages with the back button.
> After checking invalidate, I found that it's better, but the I saw this
> exception.
>
>
> On Sun, May 4, 2008 at 12:48 PM, Johan Compagner <[EMAIL PROTECTED]>
> wrote:
>
> > Why do you do invalidateNow?
> > You want a new session for that next response page?
> > It seems jetty does invalidate but doesnt give us a new one in the same
> > request.
> > Or wicket holds on to the http session object but i dont think we do
> that.
> >
> > On 5/4/08, Eyal Golan <[EMAIL PROTECTED]> wrote:
> > > Another question (mfs, if you don't mind).
> > > I did the invalidate on a link:
> > > Link logoutLink = new Link("logoutLink") {
> > > private static final long serialVersionUID = 1L;
> > >
> > > @Override
> > > public void onClick() {
> > > getSession().invalidateNow();
> > > setResponsePage(com.eurekify.web.Login.class);
> > > }
> > > };
> > >
> > > It works, but I get an IllegalState Exception:
> > > 2008-05-04 11:49:06,625 ERROR [org.mortbay.log] - /eurekify/portal/:
> > > java.lang.IllegalStateException
> > > at
> > >
> >
> org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916)
> > > at
> > >
> >
> com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41)
> > > at
> > >
> >
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
> > > at
> > >
> >
> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065)
> > > at
> > >
> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365)
> > > at
> > >
> >
> org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185)
> > > at
> > >
> org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
> > > at
> > >
> org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:689)
> > > at
> > org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:391)
> > > at
> > >
> >
> org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
> > > at
> > >
> org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
> > > at org.mortbay.jetty.Server.handle(Server.java:285)
> > > at
> > >
> org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:457)
> > > at
> > >
> >
> org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:751)
> > > at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:500)
> > > at
> org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:209)
> > > at
> org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:357)
> > > at
> > >
> >
> org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:329)
> > > at
> > >
> >
> org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475)
> > >
> > > Is there a way to eliminate this?
> > > I tried to put a catch surrounding the invalidate, but it's no use.
> > >
> > >
> > > thanks,
> > >
> > >
> > > On Sun, May 4, 2008 at 10:00 AM, mfs <[EMAIL PROTECTED]> wrote:
> > >
> > > >
> > > > Looking for some follow up on this..
> > > >
> > > > 1) Just wondering as to why isnt a constructor a good place to do
> the
> > > > redirection to an external url , ?
> > > > 2) What should be the right place for it, given my use-case..
> > > >
> > > >
> > > > Would writing a LogoutFilter be a good option..
> > > >
> > > >
> > > > Thanks in advance..
> > > >
> > > >
> > > >
> > > >
> > > > Johan Compagner wrote:
> > > > >
> > > > > I think this usecase should be supported but isnt the best way,
> you
> > > > > should throw an AbortException when you want to redirect in the
> > > > > constructor. Dont know from top of my head if we have one just for
> > an
> > > > > url but that is easily made
> > > > >
> > > > > On 4/30/08, mfs <[EMAIL PROTECTED]> wrote:
> > > > >>
> > > > >> Guys,
> > > > >>
> > > > >> I have a LogoutPage which does the following in its constructor
> > > > >>
> > > > >> LogoutPage()
> > > > >> {
> > > > >> getSession().invalidate();
> > > > >>
> > > > >> // redirecting to the external app logout page
> > > > >> RequestCycle.get().setRequestTarget(
> > > > >> new RedirectRequestTarget(Host.getHttpsUrl()
> > > > >> + xyz.getLogoutURL()));
> > > > >>
> > > > >> getRequestCycle().setRedirect(true);
> > > > >> }
> > > > >>
> > > > >> Now, for some reasons the redirect to the specified external app
> > page
> > > > >> doesnt
> > > > >> happen, infact i am taken to the session-expired page (which is
> > because
> > > > >> the
> > > > >> request comes to wicket app, instead of redirection to this
> > external
> > > > app)
> > > > >> .
> > > > >> Let me add that i am using wiket-auth-roles for authorization...
> > > > >>
> > > > >> Also the reason i am doing this inside the Page itself (and not
> in
> > the
> > > > >> onClick or some other event as suggested in another other thread)
> > is
> > > > >> because
> > > > >> i need to expose this LogoutPage to an external app as well,
> which
> > will
> > > > >> redirect to this page after invalidating the session....This part
> > of
> > > > >> Interoperability/SingleSignon Support.
> > > > >>
> > > > >> Thanks in advance.
> > > > >>
> > > > >> --
> > > > >> View this message in context:
> > > > >>
> > > >
> > >
> >
> http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html
> > > > >> Sent from the Wicket - User mailing list archive at Nabble.com.
> > > > >>
> > > > >>
> > > > >>
> > ---------------------------------------------------------------------
> > > > >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > >> For additional commands, e-mail: [EMAIL PROTECTED]
> > > > >>
> > > > >>
> > > > >
> > > > >
> > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > > >
> > > > >
> > > > >
> > > >
> > > > --
> > > > View this message in context:
> > > >
> > >
> >
> http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17043421.html
> > > > Sent from the Wicket - User mailing list archive at Nabble.com.
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >
> > > >
> > >
> > >
> > > --
> > > Eyal Golan
> > > [EMAIL PROTECTED]
> > >
> > > Visit: http://jvdrums.sourceforge.net/
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
> --
> Eyal Golan
> [EMAIL PROTECTED]
>
> Visit: http://jvdrums.sourceforge.net/
>
