Hi, I have just upgraded a maven build from about 10 days ago to the nightly build available on myfaces website. I am using a custom authentication method in a request scope bean. The code for the logout() method is performing the following : getRequest().getSession().invalidate(); Cookie terminate = new Cookie( TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, null); terminate.setMaxAge(0); getResponse().addCookie(terminate); return "welcome"; The "welcome" refers to a navigation rule in my faces-config.xml : <navigation-rule> <from-view-id>/*</from-view-id> <navigation-case> <from-outcome>welcome</from-outcome> <to-view-id>/home.xhtml</to-view-id> <redirect /> </navigation-case> </navigation-rule> Before upgrading it was working fine but now I get this exception (I translated in english the message): java.lang.IllegalStateException: Not possible to create a session after the response has been sent at org.apache.catalina.connector.Request.doGetSession(Request.java:2206) at org.apache.catalina.connector.Request.getSession(Request.java:2024) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:831) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:842) at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:223) at org.apache.myfaces.component.html.util.ExtensionsFilter.getFacesContext(ExtensionsFilter.java:185) at org.apache.myfaces.component.html.util.ExtensionsFilter.doFilter(ExtensionsFilter.java:142) ... If I add a "getRequest().getSession(true);" before returning this solves the problem but I am worried about this change. Would anybody have some hint about what is the matter please? Thanks, Thomas |