ADF_Logout
3
ADF Logout Recently I was struggling with performance issues with custom ADF logout page. We did not use ADF Security but wrote our own server side logout functionality. The logout process required 2 steps - 1. Invalidate the ADF session which contains some session variables, user information 2. Redirect to the logout page. User could logout in different ways i.e. By Disagreeing the term & condition or by clicking the Logout link (on the header) anywhere in the application. It is necessary to call logout java method defined inside Managed Bean to invalidate user session and redirect the response to logout.html. The problem – 1. The performance depends upon the page where you are logging out because the managed bean logout method ( applicationLogout) was called using “partialSubmit”. partialSubmit is asynchronous AJAX call where entire ViewState is posted back on each submit. The entire ADF server side lifecycle occurs on each postback causing slow logout process. One of the pages had 4 table components and “logout” was taking a long time due to the partialSubmit. 2. Logout link exists on many application headers; I need to make sure “Managed Bean” is accessible from all the headers. The Solution – I developed a logout.jspx page, responsible for calling the managed bean application logout (applicationLogout) method. Each logout link/button can link to this logout.jspx. The logout.jspx has only one method to execute (applicationLog out) resulting faster performance. The header.jspx is included on all pages. We added “logout” button on header.jspx header.jspx <af:goLink destination=". ./logout.jspx" inlineStyle=" color:Navy; font- weight:bold;"> <af:outputText id="gl1" value="Logout"/> </af:goLink> The logout.jspx implements a clientListener (javascipt onLod()) method clientLogout which calls managed bean’s logout method serverLogout. logout.jspx <?xml version='1.0' encod ing='UTF-8'?> <jsp:root xmlns:jsp="http ://java.sun.com/JSP/Page" ve rsion="2.1" xmlns:f="http://java.sun.com/jsf/core" xmlns:af="http://xmlns.oracle.com/adf/faces/rich"> <jsp:directive.page conte ntType="text/html;charset=UT F-8"/> <f:view> <af:document id="doc1" ti tle="Test">
-
Upload
amitkhare77 -
Category
Documents
-
view
216 -
download
0
Transcript of ADF_Logout
8/2/2019 ADF_Logout
http://slidepdf.com/reader/full/adflogout 1/3
ADF Logout
Recently I was struggling with performance issues with custom ADF logout page. We did not
use ADF Security but wrote our own server side logout functionality.
The logout process required 2 steps -
1. Invalidate the ADF session which contains some session variables, user information
2. Redirect to the logout page.
User could logout in different ways i.e. By Disagreeing the term & condition or by clicking the
Logout link (on the header) anywhere in the application.
It is necessary to call logout java method defined inside Managed Bean to invalidate user
session and redirect the response to logout.html.
The problem –
1. The performance depends upon the page where you are logging out because the
managed bean logout method (applicationLogout
) was called using “partialSubmit”.
partialSubmit is asynchronous AJAX call where entire ViewState is posted back on each
submit. The entire ADF server side lifecycle occurs on each postback causing slow logout
process. One of the pages had 4 table components and “logout” was taking a long time
due to the partialSubmit.
2. Logout link exists on many application headers; I need to make sure “Managed Bean” is
accessible from all the headers.
The Solution –
I developed a logout.jspx page, responsible for calling the managed bean application
logout (applicationLogout) method. Each logout link/button can link to this
logout.jspx. The logout.jspx has only one method to execute (applicationLogout)
resulting faster performance.
The header.jspx is included on all pages. We added “logout” button on header.jspx
header.jspx
<af:goLink destination="../logout.jspx" inlineStyle="color:Navy; font- weight:bold;">
<af:outputText id="gl1" value="Logout"/> </af:goLink>
The logout.jspx implements a clientListener (javascipt onLod()) method clientLogout which calls
managed bean’s logout method serverLogout.
logout.jspx
<?xml version='1.0' encoding='UTF-8'?> <jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="2.1"
xmlns:f="http://java.sun.com/jsf/core"xmlns:af="http://xmlns.oracle.com/adf/faces/rich">
<jsp:directive.page contentType="text/html;charset=UTF-8"/> <f:view> <af:document id="doc1" title="Test">
8/2/2019 ADF_Logout
http://slidepdf.com/reader/full/adflogout 2/3
<af:resource type="javascript"> function clientLogout (event){ parent.AdfCustomEvent.queue(AdfPage.PAGE.findComponent('doc1'),
"serverLogout",{},false);return true;
} </af:resource> <af:clientListener method="clientLogout" type="load"/> <af:serverListener type=" serverLogout "
method="#{authutil.applicationLogout}"/> <af:form id="fm1"> <af:panelGroupLayout> <af:spacer height="250" id="s33"/> <af:spacer width="450" id="s1"/><af:outputText value="Logging out
...." id="out1" inlineStyle="font-size:20px;align:center;"/> </af:panelGroupLayout>
</af:form> </af:document>
</f:view>
</jsp:root>
Managed Bean - AuthenticationUtil.java
package foo.test.logout.util;
import java.io.IOException;import java.util.Calendar;import java.util.Date;import javax.faces.context.ExternalContext;import javax.faces.context.FacesContext;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.apache.commons.logging.Log;import org.apache.commons.logging.LogFactory;import oracle.adf.view.rich.render.ClientEvent;
public class AuthUtil{
public static final String OAM_REMOTE_USER_ATTR = "OAM_REMOTE_USER"; public static final String OBSSO_COOKIE_ATTR = "ObSSOCookie"; public static final String LOGOUT_CONTINUE = "loggedoutcontinue"; public static final String EXAMPLE_DOMAIN = ".example.com";
public static final String LOGOUT_URL = "logout.url";
private static final Log logger =LogFactory.getLog(AuthUtil.class.getName());
public AuthUtil() {super();
}
public void applicationLogout(ClientEvent ce){
8/2/2019 ADF_Logout
http://slidepdf.com/reader/full/adflogout 3/3
logger.debug("In appLogout()..");FacesContext fctx = FacesContext.getCurrentInstance();ExternalContext ectx = fctx.getExternalContext();
try{
HttpServletRequest request =(HttpServletRequest)ectx.getRequest();
deleteCookies();HttpSession session = (HttpSession)ectx.getSession(false);if (session != null){
session.invalidate();}// You can store this URL in Resource Bundle (Property File)
String logoutUrl = ectx.getRequestContextPath() +"/html/logout.html";
ectx.redirect(logoutUrl);} catch (IOException e) {
e.printStackTrace();
}fctx.responseComplete();
}
private void deleteCookies() {// Remove ObSSOCookie and other cookies..
//You can delete the cookies in logout.html as welllogger.debug("In deleteCookies() ...");FacesContext facesCtx = FacesContext.getCurrentInstance();if(facesCtx != null){
ExternalContext ectx = facesCtx.getExternalContext();HttpServletRequest request =
(HttpServletRequest)ectx.getRequest();HttpServletResponse response =
(HttpServletResponse)ectx.getResponse();Cookie[] cookies = request.getCookies();for (int i = 0; i < cookies.length; i++){
cookies[i].setMaxAge(0);cookies[i].setPath("/");cookies[i].setDomain(EXAMPLE_DOMAIN);
}Cookie ObSSOCookie = new Cookie(OBSSO_COOKIE_ATTR,
LOGOUT_CONTINUE);ObSSOCookie.setMaxAge(0);
ObSSOCookie.setPath("/");ObSSOCookie.setDomain(EXAMPLE_DOMAIN);response.addCookie(ObSSOCookie);
}logger.debug("Leaving deleteCookies()...");
}
}
