X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fplugins%2Forg.argeo.security.ui.rap%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fui%2Frap%2FSecureEntryPoint.java;h=0dd0d173b0067c95ee8d0fc3d3a13fcd89a17e21;hb=61320e5902070e49d32379aab06faaa1544835ab;hp=10dced4b3e44be80502c4750277988b424025a23;hpb=1d5afdce3e91054f07ddd3c98309c363b4cf1d46;p=lgpl%2Fargeo-commons.git diff --git a/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java b/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java index 10dced4b3..0dd0d173b 100644 --- a/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java +++ b/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureEntryPoint.java @@ -70,6 +70,7 @@ public class SecureEntryPoint implements IEntryPoint { // around too long RWT.getRequest().getSession().setMaxInactiveInterval(loginTimeout); + // Try to load security context thanks to the session processing filter HttpServletRequest httpRequest = RWT.getRequest(); HttpSession httpSession = httpRequest.getSession(); Object contextFromSessionObject = httpSession @@ -140,7 +141,7 @@ public class SecureEntryPoint implements IEntryPoint { return new Integer(result); } }); - logout(loginContext, username); + // logout(loginContext, username); } finally { display.dispose(); } @@ -194,6 +195,11 @@ public class SecureEntryPoint implements IEntryPoint { protected void logout(ILoginContext secureContext, String username) { try { + HttpServletRequest httpRequest = RWT.getRequest(); + HttpSession httpSession = httpRequest.getSession(); + httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, null); + RWT.getRequest().getSession().setMaxInactiveInterval(1); + SecurityContextHolder.clearContext(); secureContext.logout(); log.info("Logged out " + (username != null ? username : "") + " (THREAD=" + Thread.currentThread().getId() + ")");