Thanks a lot, I'll give it a try. On Tue, Jun 24, 2008 at 5:54 PM, Maurice Marrink <[EMAIL PROTECTED]> wrote:
> First login with the second context, then log off with the first > context. swarm will invalidate the session after the last subject has > logged off. which is what is happening in your case. > The easiest is to use different logincontexts classes for this but you > should also be able to use the level parameter you can pass to the > constructor. > > Maurice > > On Tue, Jun 24, 2008 at 3:48 PM, Sergey Podatelev > <[EMAIL PROTECTED]> wrote: > > Thanks Maurice, this is exactly what I've done so far. > > But for some reason, session is reset. > > > > I'm using Acegi, and my LoginContext looks very similar to the one > provided > > in the example of Swarm/Acegi integration. > > Since Authentication object containing user credentials, kept in Acegi's > > SecurityContext is being destroyed, I save it and pass to the login > context. > > > > Here's what I do: > > > > ReauthPage.java: > > ... > > Authentication authentication = > > SecurityContextHolder.getContext().getAuthentication(); > > UsernamePasswordAuthenticationToken token = > > (UsernamePasswordAuthenticationToken) authentication; > > > > ((WaspSession) getSession()).logoff(MyLoginContext()); > > ((WaspSession) getSession()).login(MyLoginContext(token)); > > > > setResponsePage(SomePage.java); > > > > At this point everything seems to be okay, no exceptions are thrown that > > would be in case of unsuccessful authentication from LoginPage. > > However, once SomePage.java is instantiated, the newSession() method of > > MyApplication is called, thus logging user out. > > > > Any clues on why could that happen? > > > > > > > > On Tue, Jun 24, 2008 at 5:32 PM, Maurice Marrink <[EMAIL PROTECTED]> > wrote: > > > >> By default a logincontext only allows a single login, this can be > >> changed by a constructor flag. > >> To switch principals simply login a second time with the new context > >> and logoff with the old context. > >> the session will be preserved. > >> > >> Maurice > >> > >> On Tue, Jun 24, 2008 at 2:14 PM, Sergey Podatelev > >> <[EMAIL PROTECTED]> wrote: > >> > Hello, > >> > > >> > I'm wondering, how can I remove current Principals/Subject stored in > >> > LoginContext and put another Subject/Principle without making user > >> re-login > >> > and without invalidation session (if that's even possible)? > >> > Just a brief description would be enough (: > >> > > >> > -- > >> > sp > >> > > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > -- > > sp > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- sp
