The solution presented is not a Cocoon specific solution, but rather
addressess the issue of the client-side browser keeping a history.
In a past life, we coded an application to do this using JavaScript that the
browser used to spawn the protected window. All pages accessed and presented
within the window are basically unchanged, therefore only requiring
JavaScript on the Login and Logout pages.
This is not an elegant solution, but it can work once you cater for the
major browsers (script variances).
Cheers
Adrian
----- Original Message -----
From: Enke Michael <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 16, 2001 1:53 PM
Subject: Re: session-invalidator and back-button?
> But if I use e-mail or banking over internet,
> it is not possible to get the last page back.
> And there is no extra window, the back button is selectable.
> The server answers that an error occured or that
> I have to login again.
>
> Is there a way in cocoon other than spawning another browser window?
>
> Michael
>
> Adrian Geissel wrote:
> >
> > Hi Michael,
> >
> > I believe that the only way to solve such an issue is to 'run' the
protected
> > portion of your website in a spawned browser window, and then when the
user
> > log's out, to close that window. This will ensure that the Back history,
> > which is local to a browser window, cannot be access with permission.
> >
> > Hope that this helps,
> > Adrian
> >
> > ----- Original Message -----
> > From: Enke Michael <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Thursday, August 16, 2001 11:46 AM
> > Subject: session-invalidator and back-button?
> >
> > > Hi,
> > > I tryed the web-application demo from cocoon2
> > > where a login and logout can be performed.
> > > But after logout if I press the back button of my browser
> > > I get back into protected area without authorization.
> > > How can this be avoided?
> > >
> > > Michael
> > >
> > > ---------------------------------------------------------------------
> > > Please check that your question has not already been answered in the
> > > FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
> > >
> > > To unsubscribe, e-mail: <[EMAIL PROTECTED]>
> > > For additional commands, e-mail: <[EMAIL PROTECTED]>
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > Please check that your question has not already been answered in the
> > FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
> >
> > To unsubscribe, e-mail: <[EMAIL PROTECTED]>
> > For additional commands, e-mail: <[EMAIL PROTECTED]>
>
> ---------------------------------------------------------------------
> Please check that your question has not already been answered in the
> FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
>
> To unsubscribe, e-mail: <[EMAIL PROTECTED]>
> For additional commands, e-mail: <[EMAIL PROTECTED]>
>
>
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
