closeSessionOnLogout

The closeSessionOnLogout method is called when the user closes a session during the log-out process. If there are multiple sessions to be closed, this method will be called once for each session.

A common scenario in which this method is used in a custom implementation of the ESM is:

• When one user releases a session by logging out, this same session ID is provided to another user. In this case the method returns a false value, which causes the session object to be deleted from the current user, but the connection with Intelligence Server and project to be kept alive. This is useful when the custom application is built to reuse the same pool of sessions.

The following information is provided to help you use this method when you create a custom External Security Module.

• Method signature 

• Parameters 

• Return values 

• Pre-conditions 

• Post-operations

Method signature

public boolean closeSessionOnLogout(RequestKeys reqKeys, ContainerServices cntSvcs, WebIServerSession user)

Parameters

The following parameters are passed into the closeSessionOnLogout method: 

• reqKeys

  This parameter allows the External Security Module to inspect information present in the original request. This information represents a collection of cookie, URL, and FORM data key/value pairs, together with information from session variables. 

• cntSvcs

  This parameter provides a way for the External Security Module to directly interact with the container to do such things as inspecting session variables and other data values not exposed through the RequestKeys object or accessing values such as headers that are not available through the RequestKeys instance. 

• user

  This parameter provides the WebIServerSession associated with the user making the request.

Return values

The closeSessionOnLogout method returns a boolean value indicating whether sessions should be closed during log-out.

• true (default)

  The session should be closed during log-out.  

• false

  The session should not be closed during log-out.

Pre-conditions

This method is called every time a user explicitly logs out. Specifically, it is called each time acloseSession()method (on theWebIServerSession) is about to be called, to determine if the session should be closed.

Post-operations

The following operations take place after the method call has finished, based on the return value:

• If this method returns "false", the session is not closed but simply released from the user within the application. The user gets the impression that he or she is no longer connected to Intelligence Server because the session object is deleted from that user; however, the connection with Intelligence Server and project is kept alive. 

• If this method returns "true"', the application calls the closeSession method on the session object. If an error is generated while attempting to close the session, the user session is still closed but an exception is thrown and a generic error is displayed to the user.