How-to logout from ADF Security

ADF Security configures an authentication servlet, AuthenticationServlet, in the web.xml file that also provides a logout functionality. Developers can invoke the logout by a redirect performed from an action method in a managed bean as shown next

 public String onLogout() {
  FacesContext fctx = FacesContext.getCurrentInstance();
  ExternalContext ectx = fctx.getExternalContext();
  String url = ectx.getRequestContextPath() +
             "/adfAuthentication?logout=true&end_url=/faces/Home.jspx";    
  try {
    ectx.redirect(url);
  } catch (IOException e) {
    e.printStackTrace();
  }
  fctx.responseComplete();
  return null;
}

To use this functionality in your application, change the Home.jspx reference to a public page of yours that the user is redirected to after successful logout.

Note that for a successful logout, authentication should be through form based authentication. Basic authentication is known as browser sign-on and re-authenticates users after the logout redirect. Basic authentication is confusing to many developers for this reason.

Comments:

Post a Comment:
Comments are closed for this entry.
About

A blog on Oracle JDeveloper, ADF, MAF, MCS and other mobile and web topics inspired by questions and answers posted on the OTN forums.



Frank Nimphius

Search

Archives
« April 2015
SunMonTueWedThuFriSat
   
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
  
       
Today