1

I have a webapplication (JSF, CDI, EJB, Primefaces, WildFly Server). For authetication I use Apache Shiro.

My current problem is: How can I reset all Beans? So I have some SessionBeans (javax.enterprise.context.SessionScoped) for example: - DeviceBean - OrderBean

This session beans contains some information like device and order. This is also available for not authenticated users. In some more detail: I have a terminal computer. This terminal computer is using for 5 minutes PersonA. This user creates a order. After 5 minutes PersonB would like to use the terminal computer. But PersonA would like to delete his order and device information on the browser (not in the database). So I need a button like "Logout" which clears all this information.

I need a button which clean all session beans. Moreless the same to close the browser. I tried many things but nothing works.

How can I do this?

internet
  • 385
  • 1
  • 8
  • 27
  • What CDI / Impl version do you use? If the sole question is to manually destroy session scoped CDI beans, then it is [possible](http://stackoverflow.com/q/26514456/1391249) to manually destroy session scoped CDI managed beans, since CDI 1.1. – Tiny Nov 16 '15 at 21:22
  • I´m using CDI 1.1.... Is there no other possibilty? To clear all beans? – internet Nov 16 '15 at 21:30
  • All session scoped CDI beans will automatically get destroyed, if the associated HTTP session is destroyed (invalidated) as obvious. If you however, need to only destroy some or all session scoped beans without invalidating the associated HTTP session itself, then you can do as mentioned in the linked post. – Tiny Nov 16 '15 at 21:35
  • I guess I can also invalidating the associated HTTP session itself but how can I do this? Is there any difference because I´m using Apache Shiro – internet Nov 16 '15 at 21:37
  • Invalidating an entire session or destroy some of session scoped beans is fully dependent upon requirements i.e. the difference is in the need. An HTTP session in the JSF context can be invalidated just by invoking the `invalidateSession()` method on `ExternalContext` (`FacesContext.getCurrentInstance().getExternalContext().invalidateSession()`) analogous to `HttpSession#invalidate()` in the Servlet context. Apache Shiro is a security framework which should not have any relevance with invalidating the current session or removing some or all of session scoped CDI beans from the current session. – Tiny Nov 16 '15 at 21:50
  • The duplicate link is essentially not duplicate, if the sole question is to manually remove a few or all of session scoped CDI managed beans from the current session without invalidating the session itself. – Tiny Nov 16 '15 at 21:57
  • My session is stopped and afterwards Wildfly creates a new session. After clicking my logout button I will redirect to my login page. BUT!! If I go back with my browser I got the values which should be deleted from my bean? – internet Nov 16 '15 at 22:02
  • Back button "issue" is answered here http://stackoverflow.com/questions/10305718/avoid-back-button-on-jsf-web-application – BalusC Nov 17 '15 at 08:22

0 Answers0