Hi Seloha,
Thanks for the response. In my attempts to use ACEGI security, I have
run into a problem where on the first request, ACEGI will perform
authentication but not create an HttpSession object. However, my
tapestry application depends on the SecureContext object being stored
in the HttpSession in order to extract the authentication information
like userName. After tapestry creates the session and throws an
exception, ACEGI then populates the session with the appropriate
object. Have you experienced this problem? If so, how did you get
around it.
Thanks,
Anthony
On 6/28/05, seloha . <[EMAIL PROTECTED]> wrote:
> I have had similar problems trying to logout whilst using acegi. The
> mechanism I now use that seems to work fine was suggested on this list,
> involves redirecting to a jsp page to let that invalidate the session.
>
> In your html template:
>
> <a href="logout.jsp" jwcid="logout" >Logout</a>
>
> In your .page:
>
> <component id="logout" type="Any">
> <binding name="href" value="page.engine.contextPath + '/logout.jsp'"/>
> </component>
>
> In the root directory of your app create a logout.jsp with the following
> content:
>
> <%
> session.invalidate();
> response.sendRedirect( "app");
> %>
>
> This should hopefully work,
>
> Paul
>
>
> Anthony Fox <[EMAIL PROTECTED]> wrote:
>
> My application uses ACEGI x509 authentication. I have implemented a
> logout link that calls a listener which does the following:
>
> public void logout(IRequestCycle cycle) {
> try {
> ((Visit)getVisit()).logout();
> IEngineServiceView engineView =
> (IEngineServiceView)getEngine();
> engineView.restart(cycle);
> cycle.activate("Home");
> } catch (Exception e) {
> throw new ApplicationRuntimeException(e);
> }
> }
>
> When the browser is redirected to the "Home" page, I would expect a
> new session to be created and the authentication process to occur.
> However, I am not seeing the authentication process occur at all.
> Rather, my Visit object attempts to initialize and there is no
> SecureContext in the HttpSession.
>
> Has anyone had similar experiences? Is there something I am doing wrong?
>
> Thanks,
> Anthony
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
