At the root of this we're going to need an HttpSessionListener declared in web.xml. I'm not sure there's any way around that. Here's what I propose...
Everything below is almost totally non-Acegi it seems like this should exist in Spring somewhere already, but anyway... <listener> <listener-class>net.sf.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class> </listener> The HttpSessionEventPublisher implements HttpSessionListener and ServletContextListener. In the contextInitialized event we get the WebApplicationContext using the Spring WebApplicationContextUtils For the sessionCreated and sessionDestroyed we publish events in the ApplicationContext HttpSessionCreatedEvent and HttpSessionDestroyedEvent respectively. This gives us the Spring-wide session destroyed handling we'll need. I haven't done much past this yet. Just wanted to get a post up. -Ray ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
