I have a problem with jasig cas logout. When I try to call logout method below, I obtain this error:
HTTP Status 500 - Cannot create a session after the response has been committed.
javax.servlet.ServletException: Cannot create a session after the response has been committed
public String logout() {
Logger logger = Logger.getLogger(this.getClass().getName());
ExternalContext extCtx = FacesContext.getCurrentInstance()
.getExternalContext();
HttpServletResponse response = (HttpServletResponse) extCtx
.getResponse();
String casLogoutURL = extCtx.getInitParameter("casLogoutURL");
String serverName = extCtx.getInitParameter("serverName");
try {
extCtx.invalidateSession();
logger.debug("Session Destroyed!");
response.sendRedirect(casLogoutURL + "?service="
+ URLEncoder.encode(serverName, "UTF-8"));
logger.debug("Logging out user...");
} catch (IOException e) {
logger.error("Impossible execute redirect after logout - CAS URL SERVER UNREACHABLE");
e.printStackTrace();
}
return null;
}
I understood that after redirect function doesn't break life cycle, so the invoking page will be processed after return. I would like destroy session and the go to CAS logout page. How can I resolve this problem?
