springspring-mvcinvalidationmagnoliasession-bean

Magnolia CMS Public and Session Scope Bean

For few days I'm trying to solve my problem with Magnolia and Spring session beans, after many hours I do not have more ideas what can be wrong.

I'm developing simple application based on Magnolia 5.2.4 working on tomcat 7.0.5. I'm also using Blossome together with Spring MVC

The problem I'm having, appears only on Public for anonymous user and it's about session Bean which I'm using to keep all logged use data - yes, I'm not using spring security to not make things more complicated. So I have my session scope bean which stores for example logged user data. Which I'm retrieving from the bean on the jsp pages etc.

  1. When I type www.my_doman.com/appName after user is logged ( and session bean is filled with user data) is seems that I'm getting some new session bean, because user data is empty ( = null). When I make some action like www.my_doman.com/appName/action.html or even www.my_doman.com/appName// the right controller is triggered and I'm getting the right session bean with user data which I filled just after he is logged in. What's more www.my_doman.com/appName do not behave as www.my_doman.com/appName**/**

  2. When I log-out, clean user data stored in sessionBean (sessionBean.setUserData(null); ) and invalidate session ( request.getSession().invalidate) sometimes I'm getting the 'old' user data. Even on other computer, I can intercept user logged on other machine. So - I'm clicking 'log out' and the controller and jsp doesn't find any user data ( what is correct) but when I change my action to www.my_doman.com/appName/ old session beans returns with logged out user data. On Author for superuser it works just fine.......

Does anybody has an idea what is wrong ? I was trying with anonymous user magnolia rights, but this is not it as I think.

Best Regards Jan

Solution

  • When you get the old data on another computer, try to login to admin interface of the public instance, go to Tools/Cache Tools and click "Flush all" button at the bottom of the page. See if the problem goes away then. I suspect you are caching pages that are user specific and should not be cached. If the test above helps to get rid of the problem, you should look into cache configuration to reconfigure it to exclude pages that have personalised info from cache.

    HTH,
    Jan