You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by sreed <sr...@avacoda.com> on 2011/06/28 20:09:16 UTC
Unwanted authentication persistence
We are using AuthenticatedWebSession without any persistence of anything.
However, the session is persisting (user does not have to login after the
first time) from one server restart to another. Is that expected behavior?
Does anyone know how to prevent persistence of the session/data?
Thanks,
Scott
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Unwanted-authentication-persistence-tp3631027p3631027.html
Sent from the Users forum mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Unwanted authentication persistence
Posted by Scott Reed <sr...@avacoda.com>.
I figured out that the sign-in panel was storing the authentication data
in a cookie from when we had first tried it before we turned off the
remember-me option and now it's getting it back from there even though
we have turned off that option. Was a simple tweak to fix it.
On 6/28/2011 3:15 PM, sreed wrote:
> We are using Jetty which has no session persistence by default. Is it
> possible that Wicket is persisting sessions somehow? What else might be
> causing this?
>
> --
> View this message in context: http://apache-wicket.1842946.n4.nabble.com/Unwanted-authentication-persistence-tp3631027p3631188.html
> Sent from the Users forum mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Unwanted authentication persistence
Posted by sreed <sr...@avacoda.com>.
We are using Jetty which has no session persistence by default. Is it
possible that Wicket is persisting sessions somehow? What else might be
causing this?
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Unwanted-authentication-persistence-tp3631027p3631188.html
Sent from the Users forum mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Unwanted authentication persistence
Posted by Martin Grigorov <mg...@apache.org>.
This is a feature of the web container.
You have to check its user manual :-)
On Tue, Jun 28, 2011 at 9:09 PM, sreed <sr...@avacoda.com> wrote:
> We are using AuthenticatedWebSession without any persistence of anything.
> However, the session is persisting (user does not have to login after the
> first time) from one server restart to another. Is that expected behavior?
> Does anyone know how to prevent persistence of the session/data?
> Thanks,
> Scott
>
> --
> View this message in context: http://apache-wicket.1842946.n4.nabble.com/Unwanted-authentication-persistence-tp3631027p3631027.html
> Sent from the Users forum mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org