Marco Collovati

Hi, thanks for reporting the issue. Could you please provide more information about your application? Are you using `VaadinWebSecurity` for Spring Security configuration? How do you perform logout? Are you...

So you are not using VaadinWebSecurity class? Could you share the code you use to trigger the logout and your destroy listener implementation and registration?

Also sharing your Spring security configuration may help to understand the problem

The error is weird because looking at the code, the `VaadinSession` is taken from UI and used, a couple of lines before the one the exception is thrown. And there...

Side note: based on the online documentation (see `SecurityService.logout()` in https://vaadin.com/docs/latest/security/enabling-security#log-out-capability and `SecurityUtils.logout()` in https://vaadin.com/docs/latest/security/advanced-topics/securing-plain-java-app#handling-user-log-in-out) I suggest moving the page reload code before the session invalidation.

Unfortunately, I can't say whether it could be related or not. Still, having the `UI.session` nullified while processing an UIDL request should not happen if changes to the UI are...

Test failing because the `maven-invoker` plugin updated `maven-shared-utils` dependency from 3.3.4 to 3.4.2 and also changed its code to call a method from the new API. In the Flow module,...

with `test` scope there's a compilation error. `provided` scope should work

@knoobie do you mean, for example, define specific `securityMatchers()` in `VaadinWebSecurity`, or something else/in addition?

Couldn't you use `UI.getActiveViewLocation()`?