0

How to destroy session on browser close/tab close in Vaadin? We can use javascript to handle this. I tried below code: Page.getCurrent().getJavaScript().execute("window.onbeforeunload = function (e) { var e = e || window.event; closeMyApplication(); return; };"); Problem with above script is, it will fire onbeforeunload event on page refresh also. Also, how to handle this situation in mobile devices(touch devices)?

Tatu Lund
  • 9,949
  • 1
  • 12
  • 26
Harita Parmar
  • 75
  • 1
  • 1
  • 9
  • 2
    You will have more problems than that. `beforeunload` is also triggered when downloading a file through a link. This happens because the browser fires `beforeunload` when it sends the request with the assumption that it will lead to navigating away. When receiving the response, the browser sees the headers that say that it's a download and not a new page to navigate to. – Leif Åstrand May 25 '18 at 08:50
  • Yes...you are correct..thank you !! – Harita Parmar May 28 '18 at 04:57

1 Answers1

2

I recommend to set closeIdleSessions to true and short heart beat interval, which should force Vaadin internal session clean up mechanism to destroy sessions faster after web browser has been closed.

If that is not helping, there is also helper add-on https://vaadin.com/directory/component/cleanupservlet-add-on

Copying from https://vaadin.com/docs/v8/framework/application/application-lifecycle.html

Session Expiration

A session is kept alive by server requests caused by user interaction with the application as well as the heartbeat monitoring of the UIs. Once all UIs have expired, the session still remains. It is cleaned up from the server when the session timeout configured in the web application expires.

If there are active UIs in an application, their heartbeat keeps the session alive indefinitely. You may want to have the sessions timeout if the user is inactive long enough, which is the original purpose of the session timeout setting. If the closeIdleSessions parameter of the servlet is set to true in the web.xml, as described in "Using a web.xml Deployment Descriptor", the session and all of its UIs are closed when the timeout specified by the session-timeout parameter of the servlet expires after the last non-heartbeat request. Once the session is gone, the browser will show an Out Of Sync error on the next server request. To avoid the ugly message, you may want to set a redirect URL for the UIs, as described in "Customizing System Messages".

The related configuration parameters are described in "Other Servlet Configuration Parameters".

You can handle session expiration on the server-side with a SessionDestroyListener, as described in User Session.

Tatu Lund
  • 9,949
  • 1
  • 12
  • 26