4

I am trying to hit the Liferay logout servlet "c/portal/logout" through Java, but it always returns a 400 response:

private void sendPost() throws Exception {

    String url = "localhost:8080/c/portal/logout";

    HttpClient client = new DefaultHttpClient();
    HttpPost post = new HttpPost(url);

    // add header
    post.setHeader("User-Agent", USER_AGENT);
    HttpResponse response = client.execute(post);
    System.out.println("\nSending 'POST' request to URL : " + url);
    BufferedReader rd = new BufferedReader(
                    new InputStreamReader(response.getEntity().getContent()));

    StringBuffer result = new StringBuffer();
    String line = "";
    while ((line = rd.readLine()) != null) {
        result.append(line);
    }

    System.out.println(result.toString());

}
Tobias Liefke
  • 8,637
  • 2
  • 41
  • 58
ravicandy1234
  • 156
  • 1
  • 2
  • 13
  • Did you try a "GET" instead of a "POST"? – Tobias Liefke Nov 16 '16 at 13:57
  • Hi,I have tried both GET and POST nothing seems to work – ravicandy1234 Nov 17 '16 at 05:08
  • I've tried your code slightly modified without `USER_AGENT` and with `url = "http://localhost:8080/c/portal/logout"` and `HttpGet`- I receive a `HTTP/1.1 200 OK`. So there is something missing on your side. Could you add the result of `response.getStatusLine()`? – Tobias Liefke Nov 17 '16 at 19:19
  • Review your configured servlet filters. For instance, `CASFilter` will send a redirect to `PropsKey.CAS_LOGOUT_URL` on logout – SleepyTonic Nov 20 '16 at 18:56

1 Answers1

0

Assuming your intention is to logout a user's session, the best way is to call sendRedirect on an HttpServletResponse reference 

public void myPostAction(ActionRequest request, ActionResponse response) throws Exception {
    // ...
    response.sendRedirect("/c/portal/logout");
}
SleepyTonic
  • 506
  • 5
  • 11
  • Hi Sleepy Tonic : Thanks for you reply I am aware that I can redirect the user "/c/portal/logout" but this causes a redirection I need to silently logout if any existing user is logged in calling all the pre and post logout hooks if configured. – ravicandy1234 Nov 21 '16 at 04:58
  • @ravicandy1234: As far as I know `/c/portal/logout` is not a global logout action. If you can get a hold of all live sessions you can call `PortalSessionContext.get(sessionId).invalidate()` but the filters won't be executed. hth – SleepyTonic Nov 21 '16 at 18:37