2
I’m using session.invalidate();
to invalidate the session, but when I access the Tomcat mailer it shows me that the session still exists.
The following code shows me that even after using the invalidate() method I can display information from an object that is in session. This object should not have been excluded?
@ManagedProperty("#{usuarioController}")
private UsuarioController usuarioController;
@RequestMapping("antigo")
public String antigo(HttpSession session) {
HttpSession s = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
FacesContext.getCurrentInstance().getViewRoot().getViewMap().remove("usuarioController");
s.invalidate();
if (usuarioController.getUsuarioLogado() == null) {
System.out.println("OBJETO LIMPO");
} else {
System.out.println("OBJETO CONTINUA: " + usuarioController.getUsuarioLogado().getNome());
}
HttpSession s1 = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
if (s1 == null) {
System.out.println("Sessão invalida");
} else {
System.out.println("Sessão valida");
}
if (usuarioController.getUsuarioLogado() == null) {
System.out.println("OBJETO LIMPO");
} else {
System.out.println("OBJETO CONTINUA: " + usuarioController.getUsuarioLogado().getNome());
}
return "login.xhtml?faces-redirect=true";
}