Vaadin: Session Expired

I’m using
Apache Shiro

Almost everything works good - user can log in and log out. But when he tries to log in again (immediately after logging out and redirecting to login page) the popup appears

Session Expired Take note of any unsaved data, and click here or press ESC key to continue.

Actually, every user action on login page causes this message and elements don’t work on this page (for example, click listener of login button is not called when user presses this button).
I use pretty standard way to handle user session with
Apache Shiro
. This one for log in:

Subject currentUser = SecurityUtils.getSubject(); currentUser.login(new UsernamePasswordToken(event.getLogin(), event.getPassword())); and this one for logging out:

Subject currentUser = SecurityUtils.getSubject(); currentUser.logout(); How should I handle vaadin session in order to prevent this popup? Maybe I missed some additional steps?

Hi Alex,

since I’m just facing exactly the same issue : did you find a solution for this ?



I know nothing about Shiro but what I’m guessing is that you’re not redirecting/reloading the Page after the Session is expired.
In normal Vaadin you should do a Page.reload() or a Page.setLocation(“”) or similar after invalidating the Session.

The errors/exceptions mean that the UI is trying to access a Session which is no longer available…because you/Shiro invalidated it.

Hi Marius,
thanks for the fast reply. Shiro kills the session when logging out. I wasn’t aware, that there is a difference between

getUI().getPage().setLocation("login") and

getUI().getNavigator().navigateTo("login"); for redirecting. The first line works, the second not. Many thanks !
Also helpful (as usual) :