From fb207248d5567a2661d5729d5149c7c8920a2efa Mon Sep 17 00:00:00 2001 From: Henri Muurimaa Date: Mon, 11 Sep 2017 11:57:15 +0300 Subject: Migrate wiki articles to Vaadin documentation (#9912) * Vaadin Tutorial For Swing Developers * Setting And Reading Session Attributes * Enabling Server Push * Cleaning Up Resources In A UI * Sending Email From Java Applications * Using Parameters With Views * Optimizing Sluggish UI * Configuring Push For Your Enviroment * Setting And Reading Cookies * Using Polling * Creating An Application That Preserves State On Refresh * Finding The Current UI And Page And Vaadin Session * Sending Events From The Client To The Server Using RPC * Handling Logout * Remember To Set The Locale * Scalable Web Applications * MVC Basics In ITMill Toolkit * Access Control For Views * Customizing The Startup Page In An Application --- documentation/articles/HandlingLogout.asciidoc | 29 ++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 documentation/articles/HandlingLogout.asciidoc (limited to 'documentation/articles/HandlingLogout.asciidoc') diff --git a/documentation/articles/HandlingLogout.asciidoc b/documentation/articles/HandlingLogout.asciidoc new file mode 100644 index 0000000000..e83ef7705b --- /dev/null +++ b/documentation/articles/HandlingLogout.asciidoc @@ -0,0 +1,29 @@ +[[handling-logout]] +Handling logout +--------------- +What should happen the user wants to log out from a Vaadin application +depends on how the user is stored when the user logged in. + +If the user information is stored in the `VaadinSession`, that session +should be closed using its `close()` method. If the information on the +other hand is stored in the `HttpSession` or `PortletSession`, then that +session should be invalidated using the `invalidate()` method in Vaadin's +`WrappedSession` that represents either underlying session type. + +Aside from removing the user's information, the user should also be +redirected to a logout page to avoid keeping the UI open in the browser +after all server-side information about is has been removed. + +[source,java] +.... +private void logout() { + // Close the VaadinServiceSession + getUI().getSession().close(); + + // Invalidate underlying session instead if login info is stored there + // VaadinService.getCurrentRequest().getWrappedSession().invalidate(); + + // Redirect to avoid keeping the removed UI open in the browser + getUI().getPage().setLocation(getLogoutPageLocation()); +} +.... -- cgit v1.2.3