Matt Raible wrote:
Unfortunately, I looked at HttpSessionContextIntegrationFilter.java and found that I did use version 1.4 in my tests.Matt, I'm pretty sure it works fine now. I'm using Tomcat 5.5.7 on Win32 with JDK 1.5.0_01. I've edited the standard logout.jsp used in the Contacts Sample to the following:
<%@ page import="javax.servlet.http.Cookie" %>
<%@ page import="net.sf.acegisecurity.ui.rememberme.TokenBasedRememberMeServices" %>
<%
session.invalidate();
Cookie terminate = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, null);
terminate.setMaxAge(0);
response.addCookie(terminate);
// response.sendRedirect("index.jsp");
%>
Then:
cd core maven clean maven jar:install cd ../samples/contacts maven clean maven multiwar:multiwar cp target\*filter*.war $TOMCAT_HOME/webapps
Then in my browser:
Visit http://localhost:8080/acegi-security-sample-contacts-filter/
Click "manage"
Login as scott
Click "logoff" - you then get a blank page, as there is no redirect
Re-enter the home page URL, http://localhost:8080/acegi-security-sample-contacts-filter/
Click "manage"
You are prompted to login
I'd really like to release 0.8.1, but I'm holding-off on the basis of this issue not being confirmed as corrected. Would people please let me know if they can continue to reproduce this issue, or if they agree it's fixed.
Thanks Ben
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
