Hi,
I have a problem. I must have separete URLs for session expiration and logout that occurs from ui event.
If I invoke Application.close(), it goes to “logoutURL” but it leaves session open. If I invoke Application.close() and then session.invalidate() it redirects to SessionExpiredURL.
How to logout so that it invalidates session and goes to logoutUrl when user clicks button?
Partial answer: I’ve noticed that one session may involve multiple Toolkit applications, therefore Application.close() does not close session. I’ve some time ago checked code from WebApplicationContext which handles sessions, you might want to do that too…
for what reason do you need to invalidate a session ? If you close the application by a close method, next time, when you try to use it - a new instance will be created, so you can bind all application-specific variables and data to the Application class instance, not to the session.
Normally, if http session expires by a timeout, for istance, this is automatically handled by itmill - your application instance will be closed for you, user will notice the “Session expired” message dialog and then application will restart.