> The use case is following: > I want to prevent simultaneous logins for users. If user already logged in > from one ip address, I show the error message. > For this I've added a HashMap field into my Application class, and after > successful authorization I add a user into this map. > If user logs out, I remove the user from this map. However, I want to be > able to remove a user if he/she didn't logged out but his/her session > expired.
You should let your custom session store override one of the base classes (HttpSessionStore, or SecondLevelCacheSessionStore is even better), and then override onUnbind(String). In your logout page, call Session#invalidate. That way, onUnbind will be called both when explicitly logging off and on session time outs. Eelco ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Wicket-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/wicket-user
