From: Marc Englund <marc.englund@itmill.com>
Date: Mon, 15 Sep 2008 09:47:15 +0000 (+0000)
Subject: Invalidates session after saying 'session expired'. Fixes #1979
X-Git-Tag: 6.7.0.beta1~4169
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=8723d2334644b2e4d658b1336b29cfac9d292257;p=vaadin-framework.git

Invalidates session after saying 'session expired'. Fixes #1979

svn changeset:5396/svn branch:trunk
---

diff --git a/src/com/itmill/toolkit/terminal/gwt/server/ApplicationServlet.java b/src/com/itmill/toolkit/terminal/gwt/server/ApplicationServlet.java
index ead0e18129..939977b8db 100644
--- a/src/com/itmill/toolkit/terminal/gwt/server/ApplicationServlet.java
+++ b/src/com/itmill/toolkit/terminal/gwt/server/ApplicationServlet.java
@@ -520,6 +520,10 @@ public class ApplicationServlet extends HttpServlet {
                             .getSessionExpiredCaption(), ci
                             .getSessionExpiredMessage(), ci
                             .getSessionExpiredURL());
+                    // Invalidate session (weird to have session if we're saying
+                    // that it's expired, and worse: portal integration will
+                    // fail since the session is not created by the portal.
+                    request.getSession().invalidate();
                 }
             } catch (SystemMessageException ee) {
                 throw new ServletException(ee);