Hi > Am 14.01.2015 um 04:01 schrieb Alexander Klimetschek <[email protected]>: > > On 12.01.2015, at 14:53, Alexander Klimetschek <[email protected]> wrote: >> Ack, sounds good. I created https://issues.apache.org/jira/browse/SLING-4301 > > I attached a patch. > > But while testing it, I had a problem, see > https://issues.apache.org/jira/browse/SLING-4301?focusedCommentId=14276415&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14276415 > > We currently have to use HttpServlets directly registered with the osgi > HttpService (since we need to handle wildcard paths), i.e. not sling > servlets, but we reuse the sling authenticator in handleSecurity. > > This works fine with other, normal ways of logging in to the JCR using e.g. > jackrabbit tokens, this problem only comes up with the user.jcr.session + > logout approach. > > Any ideas?
The SlingAuthenticator.requestDestroyed method is called *after* the service method has been called and completed. I cannot reproduce your problem. Would you be able to provide some sample code which exhibits this issue ? Thanks. See als my comments in the issue. Regards Felix > > Cheers, > Alex
