You don't need declare the sessionRegistry as a listener in your web.xml this class effectly is a listener but in acegi documentation always appear declared as a bean in the security context, works as a listener too but you can inject into others beans. So declare only one time and remove the listener, just handle as a bean.
------------------------------------------------------------------------- SF.Net email is sponsored by: The Future of Linux Business White Paper from Novell. From the desktop to the data center, Linux is going mainstream. Let it simplify your IT future. http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer