I am facing following issue. I have created the login page using LoginForm provided by Vaadin. On clicking on the login button, authentication service authenticates that person.

Showing issue on following scenario

  1. Logon with correct username and password
    - User logsin and can work on his/her components
  2. Logout by clicking on logout button provided
    - It will show the login page
  3. Type wrong user name and password
    - User is authenticated and able to get in to the desired page

What should I do to stop this from happening?

Vishal G


Can you please show the code that does this (I have not encountered this with LoginForm before)?

Best Regards,

The LoginForm does not handle authorization etc.

I would guess your logout action does not clear the authentication status in the session nor invalidate/close the session.

Thanks for your reply. I checked it… There was a small bug in my code…