[ https://issues.apache.org/jira/browse/WICKET-6668?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16840996#comment-16840996 ]
ASF subversion and git services commented on WICKET-6668: --------------------------------------------------------- Commit 6f491eafecf2a79aa436cae6b64cdd6cc756aca3 in wicket's branch refs/heads/master from Martin Tzvetanov Grigorov [ https://gitbox.apache.org/repos/asf?p=wicket.git;h=6f491ea ] WICKET-6668 Sign out the existing session if a sign in attempt has failed > Sign out the existing session if a sign in attempt has failed > ------------------------------------------------------------- > > Key: WICKET-6668 > URL: https://issues.apache.org/jira/browse/WICKET-6668 > Project: Wicket > Issue Type: Improvement > Components: wicket-auth-roles > Affects Versions: 8.4.0, 9.0.0-M2 > Reporter: Martin Grigorov > Assignee: Martin Grigorov > Priority: Minor > > If a user is already authenticated but still (s)he goes to the login page and > tries to sign in again with invalid credentials Wicket does not fail the > attempt but continues successfully. > The correct behavior would be to report the signIn failure with error > feedback message and to sign out the already authenticated user. -- This message was sent by Atlassian JIRA (v7.6.3#76005)