1 Reply Latest reply: Jan 11, 2012 2:01 PM by Jason Porter RSS

org.jboss.seam.security.IdentityImpl.logout regression?

Michael Anstis Newbie

Hello,


I notice org.jboss.seam.security.IdentityImpl.logout() now invalidates the HttpSession and subsequent calls cause an InvalidStateException.


See https://github.com/seam/security/blob/develop/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java


As far as I can tell this change was added for Seam 3.1.0.Final (the Session.getSession().invalidate() is commented as a TODO in prior versions.


See http://grepcode.com/file/repository.jboss.org/nexus/content/repositories/releases/org.jboss.seam.security/seam-security-impl/3.0.0.Final/org/jboss/seam/security/IdentityImpl.java


This causes a small (fixable) regression for me in my application when logging out successive times on the same Session was pemitted.


Could you please confirm this is now deliberate (so I don't refactor only to find a change in a later release?)


Thanks,


Mike