Hi Martin

Thanks for the quick reply.
The fix doesn't work for me though, I can still go back and press reload or do anything I like. If I use session.replaceSession() it works as expected but as a side effect also changes the JSESSIONID which usually isn't what you want...

I'm using it like that in an onClick event of a button (and the session is NOT temporary):

        if (getSession().isTemporary() == false) {
            getSession().getPageManager().sessionExpired(getId());
        }

        setResponsePage(new ConfirmationPage(...));

Maybe it could be some kind of special situation like it was in Wicket 1.4 where I manually had to untouch the current page to avoid it still being stored at the end of the request...?

Matt


On 2011-11-02 10:40, Martin Grigorov wrote:
I implemented the feature in the ticket Matt created.
Please try it.

On Wed, Nov 2, 2011 at 11:35 AM, Andrea Del Bene<[email protected]>  wrote:
Have you tried session.invalidate()? If you have an AuthenticatedWebSession
you can also use signOut()
Hi

Upon logging out we need to keep the current user's session to still
display some information but we want to remove all previous pages from the
PageMap (or however that is solved in Wicket 1.5 now) so that he cannot go
back and continue on these pages.
In Wicket 1.4 we found a way to achieve that, basically with
  session.clear()  (plus  session.untouch(getPage())  ). In Wicket 1.5.2 the
clear() method ist still there, but only contains an empty TODO comment....

How do we clear the previous pages now so that if he goes back, the user
receives a PageExpiredError ?

Thanks a lot

Matt


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to