AnsweredAssumed Answered

How to destroy a user session?

Question asked by zz88 on Apr 26, 2011
Hey guys,

I have created a webscript that I was hoping would terminate the current user session, but alas it doesn't seem to.

The user must first log on to alfresco (as the script requires 'user' authentication) & after my script had been called I was hoping the user would have to log on again to continue using any services that required the user to be authenticated, but it doesn't seem to achieve this.

The script runs fine but does not destroy the session… the current user remains authenticated.

I am calling the script with a post method from a simple HTML page and I know the error (or mistake) lies in the server side script. Please tell me what I've done wrong?

Thanks, Jonathan


/**
* Invalidates the user session.
*
* @author Jon
*
*/

public class LogOutPostWebScript extends AbstractDRSWebScript {

    /** The Logger. */
    private static final Logger LOGGER = Logger.getLogger(UsersGetWebScript.class);

    /** Injected AuthenticationService. */
    private AuthenticationService authenticationService;

    @Override
    public void execute(final WebScriptRequest request, final WebScriptResponse response) throws IOException {

        LOGGER.debug(authenticationService.getCurrentUserName());

        //String ticket = authenticationService.getCurrentTicket();

        authenticationService.invalidateUserSession(authenticationService.getCurrentUserName());
        LOGGER.debug(authenticationService.getCurrentUserName());

        JSONObject obj = new JSONObject();

        try {
            obj.put("field1", "logged out successfully");
        } catch (JSONException e) {
            throw new WebScriptException("Unable to serialize JSON", e);
        }

        String jsonString = obj.toString();
        response.getWriter().write(jsonString);
    }

    /**
     * @param authenticationService is the authentication service
     */
    public void setAuthenticationService(final AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }
}

Outcomes