Atm, my project using Vaadin 7. And i'm creating a login form. I need to invalid session before log in user so user will get new session id each time.
Currently, i try to get VaadinSession, then get WrappedSession, and finally invalid that WrappedSession.
VaadinSession.getCurrent().getSession().invalidate();
This did invalidate my HttpSession and generate new session id ( Which calling close() from VaadinSession can't do it ). But after i invalidate my session, UI hang without any error.
So is it correct to invalid HttpSession this way? Or there some better way to invalid session ?
Thank you for your help!
Ok so after a while checking class reference, this is the correct way to handle it in Vaadin 7:
VaadinService.reinitializeSession(VaadinService.getCurrentRequest());
They changed class which hold this method, making me have a hard time finding it.