Hi there, one question concerning user login: what is the correct way of replacing the session after a successful user login? Calling org.apache.wicket.Session#replaceSession replaces the underlying web session. But what about the Wicket session itself? Will it also be replaced with a new instance?
I observed the following: * user is already logged in with an active session * user navigates to login page * user logs in as a different user * underlying http session is replaced (by calling replaceSession after login) * but: Wicket session stays the same instance, i.e. new user uses existing Wicket session including it’s state (properties stored in custom Wicket session) Am I missing something or doing something wrong? Cheers, Tom --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
