X

The blog for hints & tips about Oracle Application Development Framework and Mobile Application Framework

  • ADFm
    January 4, 2011

How-to logout from ADF Security

Frank Nimphius
Master Principal Product Manager

ADF Security configures an authentication servlet, AuthenticationServlet,
in the web.xml file that also provides a logout functionality. Developers can
invoke the logout by a redirect performed from an action method in a managed
bean as shown next

 public String onLogout() {

  FacesContext fctx = FacesContext.getCurrentInstance();

  ExternalContext ectx =
fctx.getExternalContext();

  String url = ectx.getRequestContextPath()
+

             "/adfAuthentication?logout=true&end_url=/faces/Home.jspx";    

  try {

    ectx.redirect(url);

  } catch (IOException e) {

    e.printStackTrace();

  }

  fctx.responseComplete();

  return null;

}

To use this functionality in your application, change the Home.jspx reference to a public page of
yours that the user is redirected to after successful logout.

Note that for a
successful logout, authentication should be through form based authentication. Basic
authentication is known as browser sign-on and re-authenticates users after the
logout redirect. Basic authentication is confusing to many developers for this
reason.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.