You can inject the WebRequest and get the WebSession from there: .page/.component: <inject object="infrastructure:request" property="webRequest"/>
.java: WebSession session = getWebRequest().getSession(false); -----Original Message----- From: Brian Long [mailto:[EMAIL PROTECTED] Sent: 10 January 2006 18:25 To: [email protected] Subject: Invalidating the users session I've recently upgraded from Tapestry 3.03 to 4.0 and have a minor problem with the acegi security configuration I'm using. The login/logout code used currently came from the Hispacta example on sourceforge which worked a treat until the upgrade to tapestry 4.0. The problem is this, in 3.0 I would get the HttpSession before logging the current user out and invalidate it e.g. cycle.getRequestContext().getSession().invalidate(); very straightforward, however this method "getRequestContext" is now deprecated and so I get an error message when I log out to the effect that I'm invalidating a session that has already been invalidated? Question is, who, what and where is invalidating the session, if I remove the call to the RequestContext and no longer invalidate the session, I start getting hivemind exceptions after a couple of logins/logouts. So to summarise, if someone has already gone through the pain of updating this acegi security code from Hispacta could they please share there solution/workaround. Alternatively if someone has an example of how to inject the HttpSession in via hivemind so that I could invalidate "in the 4.0 way" I'd appreciate it. /Brian. p.s. congratulations to Howard et al. on the final release of Tapestry 4.0 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
