Hi, You need to use Session#invalidate() actually.
#invalidate() schedules a call to #invalidateNow() at the end of the request cycle. By using #invalidateNow() you invalidate the current http session and right after this your app creates a new Session because it needs to finish the request cycle and the new one is what you see later. You can print the hashcodes to see whether I'm right. On Thu, Sep 27, 2012 at 9:04 AM, Ondrej Zizka <ozi...@redhat.com> wrote: > Hi, > > i am trying to implement a simple authentization. > > I've basically copied what's in the auth example #2 in wicket examples, > and have a Logout button: > > add( new Link("logoutLink") { > @Override public void onClick() { > sess.invalidateNow(); > setResponsePage( HomePage.class ); > } > } > .add( new Label("label", "Logout " + > sess.getUser().getName()) ) > > Which, when clicked, is performed, but in the second request, the User > object, which set to null in my overriden signOut(), is back in my > session object. Not sure if the same obj, but the same values. > > What could be wrong? > > Thanks, > Ondra -- Martin Grigorov jWeekend Training, Consulting, Development http://jWeekend.com --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org