Hi Maarten, It looks like you found a bug that I introduced last week. But I've committed a fix. Please update the trunk and try again. Thanks so much for pointing this out!
Cheers, Les On Fri, Apr 17, 2009 at 7:02 PM, Les Hazlewood <[email protected]>wrote: > P.S. Thanks for the pom changes, they worked perfectly! > > > On Fri, Apr 17, 2009 at 7:01 PM, Les Hazlewood <[email protected]>wrote: > >> Hi Maarten, >> >> I finally had time to try this out. I do indeed see what you're >> describing - it is probably an invalid cache configuration on my part. I'll >> play with it a bit and see what I did wrong. >> >> Cheers, >> >> Les >> >> >> On Tue, Apr 7, 2009 at 6:14 PM, Maarten Bosteels <[email protected] >> > wrote: >> >>> Hello, >>> >>> I am trying out the spring-sample on trunk. >>> >>> URL: >>> https://svn.apache.org/repos/asf/incubator/jsecurity/trunk/samples/spring >>> Revision: 761927 >>> >>> * login as user1 >>> * set value = ABC >>> * logout >>> * login as user2 (same browser) >>> => I see the value saved by user1 (and the same session id) >>> >>> I've observed this behavior on tomcat 5.5.23, tomcat 6.0.18 and with >>> maven jetty:run >>> >>> I added some logging in LoginController and LogoutController and this >>> is the output: >>> >>> 2009-04-07 23:52:18,968 INFO >>> [org.apache.ki.samples.spring.web.LogoutController] - after session >>> invalidated: session=org.apache.ki.web.servlet.kihttpsess...@1429c57 >>> 2009-04-07 23:52:18,968 INFO >>> [org.apache.ki.samples.spring.web.LogoutController] - after session >>> invalidated: session.id=27c182a9-093a-4d94-8525-89828c8f40fe >>> 2009-04-07 23:52:18,968 INFO >>> [org.apache.ki.samples.spring.web.LogoutController] - after session >>> invalidated: session.getCreationTime()=1239141131962 >>> ... >>> 2009-04-07 23:52:21,612 INFO >>> [org.apache.ki.samples.spring.web.LoginController] - before login: >>> session=org.apache.ki.web.servlet.kihttpsess...@46752d >>> 2009-04-07 23:52:21,612 INFO >>> [org.apache.ki.samples.spring.web.LoginController] - before login: >>> session.id=27c182a9-093a-4d94-8525-89828c8f40fe >>> 2009-04-07 23:52:21,612 INFO >>> [org.apache.ki.samples.spring.web.LoginController] - before login: >>> session.getCreationTime()=1239141131962 >>> >>> private void logSession(String when, HttpServletRequest request) { >>> HttpSession session = request.getSession(false); >>> logger.info(when + ": session=" + session); >>> if (session != null) { >>> logger.info(when + ": session.id=" + session.getId()); >>> logger.info(when + ": session.getCreationTime()=" + >>> session.getCreationTime()); >>> } >>> } >>> >>> By the way, I had to make some minor changes to >>> trunk/samples/spring/pom.xml before I could run the application: >>> >>> --- pom.xml (revision 761927) >>> +++ pom.xml (working copy) >>> @@ -85,10 +85,12 @@ >>> <dependency> >>> <groupId>org.slf4j</groupId> >>> <artifactId>slf4j-log4j12</artifactId> >>> + <scope>runtime</scope> >>> </dependency> >>> <dependency> >>> <groupId>log4j</groupId> >>> <artifactId>log4j</artifactId> >>> + <scope>runtime</scope> >>> </dependency> >>> <dependency> >>> <groupId>org.springframework</groupId> >>> @@ -98,6 +100,21 @@ >>> <groupId>org.springframework</groupId> >>> <artifactId>spring-webmvc</artifactId> >>> </dependency> >>> + >>> + <dependency> >>> + <groupId>hsqldb</groupId> >>> + <artifactId>hsqldb</artifactId> >>> + <version>${hsqldbVersion}</version> >>> + <scope>runtime</scope> >>> + </dependency> >>> + >>> + <dependency> >>> + <groupId>javax.servlet</groupId> >>> + <artifactId>jstl</artifactId> >>> + <version>1.2</version> >>> + <scope>runtime</scope> >>> + </dependency> >>> + >>> </dependencies> >>> >>> >>> regards, >>> Maarten >>> >> >> >
