[seam-issues] [JBoss JIRA] (SEAMFACES-239) @LoggedIn and @LoginView handler in conflict with navigation rule for identity.logout

Miguel Z (JIRA) jira-events at lists.jboss.org
Wed Feb 15 14:29:36 EST 2012 

Miguel Z created SEAMFACES-239:
----------------------------------

             Summary: @LoggedIn and @LoginView handler in conflict with navigation rule for identity.logout
                 Key: SEAMFACES-239
                 URL: https://issues.jboss.org/browse/SEAMFACES-239
             Project: Seam Faces
          Issue Type: Bug
    Affects Versions: 3.1.0.Final
         Environment: Seam 3.1.0 Final + TomEE 1b2
            Reporter: Miguel Z


I have the following logout link:

<h:commandLink value="Logout" action="#{identity.logout}"/>

and the following navigation rule:

<navigation-rule>
  
        <from-view-id>*</from-view-id>

        <navigation-case>
            <from-action>#{identity.logout}</from-action>
            <to-view-id>/login.xhtml</to-view-id>
            <redirect/>
        </navigation-case>
       
  </navigation-rule>


In view config the pages where the logout link is displayed are annotated like e.g. home.xhtml

...
@ViewPattern("/home.xhtml")
@LoggedIn
@AccessDeniedView("/error.xhtml")
@LoginView("/login.xhtml")
HOME
...

When I click on the logout link it seems that the redirection to the login view is fired by the @LoggedIn handler AND NOT by the navigation rule. This causes the PreLoginEvent to be fired and the URL gets stored. 
After relogin I get the page from before logout reestablished like it should be in case of a session timeout etc. 

In case of a normal logout this should not happen which requires that the URL does not get stored.

My current workaround removes the URL in a (second) observer. Up to now it gets executed after the one in the LoginListener that puts the URL in the map (maybe other login events are more adequate):


public void onBeforeLogin(@Observes PreLoginEvent preLoginEvent) {
		
String PRE_LOGIN_URL = LoginListener.class.getName() + "_PRE_LOGIN_URL";
		
facesContext.getExternalContext().getSessionMap().remove(PRE_LOGIN_URL);
		
}


Conclusion: @LoggedIn should not be checked in case of normal logout (identity.logout action)


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the seam-issues mailing list