Wicket 1.2.3 User A and B share a computer at an office.
User A logs in. Session is setup with account info. User A doesn't log out. User B clicks on his login bookmark, and logs in using the same session (as it wasn't invalidated with a logout) -- the same session is reused. The login process would then need to manually clear any of the user-specific objects that may have been stored in the session (eg, user preferences, whatever was set in the custom session object). A way around this would be for the login page to invalidate the session, but then a submit would have a page expired error. Any graceful way around this in wicket 1.2.3? ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
