[
https://issues.apache.org/jira/browse/WICKET-4952?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13545778#comment-13545778
]
Martin Grigorov commented on WICKET-4952:
-----------------------------------------
Can you describe in what use case you use #replaceSession() ?
It is usually used right after login to prevent some security problems. At that
time your application is not expected to have any meaningful state in session
scoped beans.
If you use #replaceSession() in a later state of the application lifecycle then
I'm interested what is the use case.
> Wicket-CDI and o.a.w.Session.replaceSession() do not play nice.
> ---------------------------------------------------------------
>
> Key: WICKET-4952
> URL: https://issues.apache.org/jira/browse/WICKET-4952
> Project: Wicket
> Issue Type: Improvement
> Components: wicket-cdi
> Affects Versions: 6.3.0, 6.4.0
> Reporter: Dominik Drzewiecki
>
> As CDI session-scoped beans are bound to the session, invoking
> o.a.w.Session.replaceSession() results in destoroying HttpSession and all
> bound beans. Maybe we could provide some hack to workaround this so that the
> beans wo't get flushed and be rebound to the newly created HttPSession?
> It is an evident servlet APIs shortcoming; it definitely lacks some more
> standard replaceSession() in its API.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
