You have to realize that both swarm and acegi keep a copy of the logged in user. So you have to logoff at 2 places. You could use a logoff page but imo it would be better to do the logging off in the link itself. Something like: Link logoff = new Link("logoff") {
private static final long serialVersionUID = 1L; public void onClick() { WaspSession waspSession = ((WaspSession)getSession()); if (waspSession.logoff(getLogoffContext())) { SecurityContextHolder.getContext().setAuthentication(null); // homepage is not allowed anymore so we end up at the loginpage setResponsePage(Application.get().getHomePage()); } else error("A problem occured during the logoff process, please try again or contact support"); } }; add(logoff); By placing this link on your basepage all pages extending from basepage will have a logoff button. Maurice On Mon, Jun 30, 2008 at 4:10 PM, David R Robison <[EMAIL PROTECTED]> wrote: > I am using Swarm with Acegi integration. Authentication and authorization > work fine, but I am having trouble logging out. I use a link to a Logout > class that implements the following code to log the user out. > public class LoggedOutPage extends SecureWebPage { > private static final long serialVersionUID = 1L; > > /** > * Constructor. > */ > public LoggedOutPage() { > super(); > logout(); > setResponsePage(MainPage.class); > } > /** > * log the user out. > */ > public void logout() { > SecurityContextHolder.getContext().setAuthentication(null); > WebRequest webRequest = (WebRequest)getRequest(); > webRequest.getHttpServletRequest().getSession().invalidate(); > } > } > > However, when I am redirected to the MainPage.class, the user is not asked > to login again and the class throws a null pointer error when it tries to > access the logged in user. Am I doing something wrong? > Thanks, David > > -- > > David R Robison > Open Roads Consulting, Inc. > 708 S. Battlefield Blvd., Chesapeake, VA 23322 > phone: (757) 546-3401 > e-mail: [EMAIL PROTECTED] > web: http://openroadsconsulting.com > blog: http://therobe.blogspot.com > book: http://www.xulonpress.com/book_detail.php?id=2579 > > This e-mail communication (including any attachments) may contain > confidential and/or privileged material intended solely for the individual > or entity to which it is addressed. If you are not the intended recipient, > you should immediately stop reading this message and delete it from all > computers that it resides on. Any unauthorized reading, distribution, > copying or other use of this communication (or its attachments) is strictly > prohibited. If you have received this communication in error, please notify > us immediately. > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]