How to gracefully close an Echo2 application
It depends
As always, it depends on what you need to achieve by "closing" the application.
The easy and quick way
As you know, Echo2 applications state is synchronized with the model stored into each user's session. So, if you just want to force the user to start from the beginning, changing the screen will be sufficient
ApplicationInstance.getActive().getDefaultWindow().setContent(new WelcomeMessageScreen());
In no way the user will be able to interact with previously rendered components, so security is safe.
Pros:
quick: you could already have a "welcome" screen, so "closing" your application is just the line above
Cons:
the session is still open
The servlet way
If the easy way is not enough because you want to invalidate user's session as soon as the user logs out, you may implement a short servlet.
public class LogoutServlet extends HttpServlet {
protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.getSession().invalidate();
response.sendRedirect(request.getContextPath() + "/");
}
}
Then, as your logout button has been pressed, redirect the user
Button button = new Button("logout");
button.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent event) {
//replace "logout" with the URL you mapped on the servlet
ApplicationInstance.getActive().enqueueCommand(
new BrowserRedirectCommand("logout"));
}
});
Note: you can't invalidate the session INSIDE the Echo application, because that will cause a "session expired" message; you need to invalidate the session outside the application. Although it may look weird, it's actually better as your application SHOULD NOT know in any way that it is running inside an "servlet container" (because Echo abstracts you from that). Having a "Logout Servlet" does not solve the problem, but isolates the session invalidation logic into a known, separate place.
Pros:
more control: session is invalidated programmatically.
Cons:
the above code may look reusable, but what if you need to dispose other resources as well? Read on
The servlet + session listener way
Suppose you also need to log how long a session lasted and/or to dispose other resources and/or to do something else when a user logs in and out. Then you need to implement the interface !HttpSessionListener and to register it into your servlet container. An empty one looks like:
public class MySessionListener implements HttpSessionListener {
private static final Log log = LogFactory.getLog(MySessionListener.class);
public void sessionCreated(HttpSessionEvent arg0) {
log.debug("new session created");
}
public void sessionDestroyed(HttpSessionEvent arg0) {
log.debug("a session was destroyed");
}
}
Code the two methods according to your needs. As you may have noticed, the "logout servlet" may be reused quite easily, while the above listener may be more specific to your application
Pros:
total control: forget for a while the beauty of Echo abstracting you from the web thing and brush up your servlet knowledge
Cons:
more code to write and maintain