Hi, thanks for your advise. I'll check if I can change to tapestry-security.
>>> "Thiago H de Paula Figueiredo" <thiag...@gmail.com> 10.04.2014 15:10 >>> On Thu, 10 Apr 2014 09:40:56 -0300, Marco Wulf <w...@dsb.net> wrote: Hi all, Hi! I use shiro-1.2.1 for web security implementations. Are you using tapestry-security (Tapestry-Shiro integration)? If not, the problem is probably not in Tapestry, as your Tapestry code is just using Shiro and very probably wouldn't have effect on it. I'd check your code for places that invalidate the HTTP session. I'd also suggest you to use Request and Session, from Tapestry, instead of HttpServletRequest and HttpSession directly. Anyway, if you don't want to use tapestry-security, I seriously advise you to do it. You'll have way less code to do the same checks and very probably less bugs too. -- Thiago H. de Paula Figueiredo Tapestry, Java and Hibernate consultant and developer http://machina.com.br
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org