Hi
I am trying to get Acegi (Spring Security) working with Wicket.
It almost works except that if I close the browser and reopen the page I get a
null pointer exception because the
SecurityContextHolder.getContext().getAuthentication() is null in the
getRoles() method of the appSession, which is actually what I would expect as
the use should not be logged on because the browser was closed.
It appears to me that Wicket-auth-roles is not noticing that the user is not
authenticated (its remembering the previous authentication) so checks to see if
they have the role required to access the page and because the authentication
does not exist in the security context I get NullPointerException.
Been going around this all morning, completely out of ideas.
Ian
___________________________________________________________
Yahoo! Answers - Got a question? Someone out there knows the answer. Try it
now.
http://uk.answers.yahoo.com/
