diff options
| author | Henri Muurimaa <henri.muurimaa@gmail.com> | 2017-09-11 11:57:15 +0300 |
|---|---|---|
| committer | Henri Sara <henri.sara@gmail.com> | 2017-09-11 11:57:15 +0300 |
| commit | fb207248d5567a2661d5729d5149c7c8920a2efa (patch) | |
| tree | 197085fb374e85ccc7eeb7d7998a7bcba9b09c43 /documentation/articles/HandlingLogout.asciidoc | |
| parent | e83f012cf5f1388dcab9be427575a655769f75e9 (diff) | |
| download | vaadin-framework-fb207248d5567a2661d5729d5149c7c8920a2efa.tar.gz vaadin-framework-fb207248d5567a2661d5729d5149c7c8920a2efa.zip | |
Migrate wiki articles to Vaadin documentation (#9912)
* Vaadin Tutorial For Swing Developers
* Setting And Reading Session Attributes
* Enabling Server Push
* Cleaning Up Resources In A UI
* Sending Email From Java Applications
* Using Parameters With Views
* Optimizing Sluggish UI
* Configuring Push For Your Enviroment
* Setting And Reading Cookies
* Using Polling
* Creating An Application That Preserves State On Refresh
* Finding The Current UI And Page And Vaadin Session
* Sending Events From The Client To The Server Using RPC
* Handling Logout
* Remember To Set The Locale
* Scalable Web Applications
* MVC Basics In ITMill Toolkit
* Access Control For Views
* Customizing The Startup Page In An Application
Diffstat (limited to 'documentation/articles/HandlingLogout.asciidoc')
| -rw-r--r-- | documentation/articles/HandlingLogout.asciidoc | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/documentation/articles/HandlingLogout.asciidoc b/documentation/articles/HandlingLogout.asciidoc new file mode 100644 index 0000000000..e83ef7705b --- /dev/null +++ b/documentation/articles/HandlingLogout.asciidoc @@ -0,0 +1,29 @@ +[[handling-logout]] +Handling logout +--------------- +What should happen the user wants to log out from a Vaadin application +depends on how the user is stored when the user logged in. + +If the user information is stored in the `VaadinSession`, that session +should be closed using its `close()` method. If the information on the +other hand is stored in the `HttpSession` or `PortletSession`, then that +session should be invalidated using the `invalidate()` method in Vaadin's +`WrappedSession` that represents either underlying session type. + +Aside from removing the user's information, the user should also be +redirected to a logout page to avoid keeping the UI open in the browser +after all server-side information about is has been removed. + +[source,java] +.... +private void logout() { + // Close the VaadinServiceSession + getUI().getSession().close(); + + // Invalidate underlying session instead if login info is stored there + // VaadinService.getCurrentRequest().getWrappedSession().invalidate(); + + // Redirect to avoid keeping the removed UI open in the browser + getUI().getPage().setLocation(getLogoutPageLocation()); +} +.... |