Você está na página 1de 3

ADF Logout Recently I was struggling with performance issues with custom ADF logout page.

We did not use ADF Security but wrote our own server side logout functionality. The logout process required 2 steps 1. Invalidate the ADF session which contains some session variables, user information 2. Redirect to the logout page. User could logout in different ways i.e. By Disagreeing the term & condition or by clicking the Logout link (on the header) anywhere in the application. It is necessary to call logout java method defined inside Managed Bean to invalidate user session and redirect the response to logout.html. The problem 1. The performance depends upon the page where you are logging out because the managed bean logout method (applicationLogout) was called using partialSubmit. partialSubmit is asynchronous AJAX call where entire ViewState is posted back on each submit. The entire ADF server side lifecycle occurs on each postback causing slow logout process. One of the pages had 4 table components and logout was taking a long time due to the partialSubmit. 2. Logout link exists on many application headers; I need to make sure Managed Bean is accessible from all the headers. The Solution I developed a logout.jspx page, responsible for calling the managed bean application logout (applicationLogout) method. Each logout link/button can link to this logout.jspx. The logout.jspx has only one method to execute (applicationLogout) resulting faster performance. The header.jspx is included on all pages. We added logout button on header.jspx header.jspx
<af:goLink destination="../logout.jspx" inlineStyle="color:Navy; fontweight:bold;"> <af:outputText id="gl1" value="Logout"/> </af:goLink>

The logout.jspx implements a clientListener (javascipt onLod()) method clientLogout which calls managed beans logout method serverLogout. logout.jspx
<?xml version='1.0' encoding='UTF-8'?> <jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="2.1" xmlns:f="http://java.sun.com/jsf/core" xmlns:af="http://xmlns.oracle.com/adf/faces/rich"> <jsp:directive.page contentType="text/html;charset=UTF-8"/> <f:view> <af:document id="doc1" title="Test">

<af:resource type="javascript"> function clientLogout (event) { parent.AdfCustomEvent.queue(AdfPage.PAGE.findComponent('doc1'), "serverLogout",{},false); return true; } </af:resource> <af:clientListener method="clientLogout" type="load"/> <af:serverListener type=" serverLogout " method="#{authutil.applicationLogout}"/> <af:form id="fm1"> <af:panelGroupLayout> <af:spacer height="250" id="s33"/> <af:spacer width="450" id="s1"/><af:outputText value="Logging out ...." id="out1" inlineStyle="font-size:20px;align:center;"/> </af:panelGroupLayout> </af:form> </af:document> </f:view> </jsp:root>

Managed Bean - AuthenticationUtil.java

package foo.test.logout.util; import import import import import import import import import import import import java.io.IOException; java.util.Calendar; java.util.Date; javax.faces.context.ExternalContext; javax.faces.context.FacesContext; javax.servlet.http.Cookie; javax.servlet.http.HttpServletRequest; javax.servlet.http.HttpServletResponse; javax.servlet.http.HttpSession; org.apache.commons.logging.Log; org.apache.commons.logging.LogFactory; oracle.adf.view.rich.render.ClientEvent;

public class AuthUtil { public static final public static final public static final public static final

String String String String


= "OAM_REMOTE_USER"; = "ObSSOCookie"; = "loggedoutcontinue"; ".example.com";

public static final String LOGOUT_URL = "logout.url"; private static final Log logger = LogFactory.getLog(AuthUtil.class.getName()); public AuthUtil() { super(); } public void applicationLogout(ClientEvent ce) {

logger.debug("In appLogout().."); FacesContext fctx = FacesContext.getCurrentInstance(); ExternalContext ectx = fctx.getExternalContext(); try { HttpServletRequest request = (HttpServletRequest)ectx.getRequest(); deleteCookies(); HttpSession session = (HttpSession)ectx.getSession(false); if (session != null) { session.invalidate(); } // You can store this URL in Resource Bundle (Property File) String logoutUrl = ectx.getRequestContextPath() + "/html/logout.html"; ectx.redirect(logoutUrl); } catch (IOException e) { e.printStackTrace(); } fctx.responseComplete(); } private void deleteCookies() { // Remove ObSSOCookie and other cookies.. //You can delete the cookies in logout.html as well logger.debug("In deleteCookies() ..."); FacesContext facesCtx = FacesContext.getCurrentInstance(); if(facesCtx != null) { ExternalContext ectx = facesCtx.getExternalContext(); HttpServletRequest request = (HttpServletRequest)ectx.getRequest(); HttpServletResponse response = (HttpServletResponse)ectx.getResponse(); Cookie[] cookies = request.getCookies(); for (int i = 0; i < cookies.length; i++) { cookies[i].setMaxAge(0); cookies[i].setPath("/"); cookies[i].setDomain(EXAMPLE_DOMAIN); } Cookie ObSSOCookie = new Cookie(OBSSO_COOKIE_ATTR, LOGOUT_CONTINUE); ObSSOCookie.setMaxAge(0); ObSSOCookie.setPath("/"); ObSSOCookie.setDomain(EXAMPLE_DOMAIN); response.addCookie(ObSSOCookie); } logger.debug("Leaving deleteCookies()..."); } }