[jbossseam-issues] [JBoss JIRA] Closed: (JBSEAM-2239) After a logout, roles are not cleared

Shane Bryzak (JIRA) jira-events at lists.jboss.org
Mon Nov 12 06:00:59 EST 2007

     [ http://jira.jboss.com/jira/browse/JBSEAM-2239?page=all ]

Shane Bryzak closed JBSEAM-2239.

    Fix Version/s: 2.0.1.GA
       Resolution: Done
         Assignee: Shane Bryzak

The subject, and the security context are now explicitly cleared when Identity.logout() is invoked.  Thanks for the test case.  

> After a logout, roles are not cleared
> -------------------------------------
>                 Key: JBSEAM-2239
>                 URL: http://jira.jboss.com/jira/browse/JBSEAM-2239
>             Project: JBoss Seam
>          Issue Type: Bug
>    Affects Versions: 2.0.0.GA
>            Reporter: Adam Warski
>         Assigned To: Shane Bryzak
>             Fix For: 2.0.1.GA
>         Attachments: seam_test_security.tar.gz
> After logging out, using a link:
> <s:link action="#{identity.logout}" value="Logout" rendered="#{identity.loggedIn}" />
> the roles are not cleared, that is, when the response page is rednered, #{s:hasRole('admin')} is still true (assuming the user that was logged in had the role :) ).
> Everything is ok if you add a view="xxx.xhtml" parameter to s:link, however I think it should work without it, too, so that users can logout and stay on the page they were last viewing, if authorization permits them to.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the seam-issues mailing list