hi,
i am developing a web app using model 2 architecture. The application
has a single login. After authentication user info is put in a session.
Access to pages is allowed after verifying whether the user is in
session. When the user logs out the session is invalidated.
The problem that i have is that the session seems to be active when i
go back to the page where user is authenticated and put in session using
browser back button. From there again i can access all the pages and the
information that i put in session is still there. But if i try access to
these pages directly thro the URLs its working as expected, no access
is given. How to prevent this.
ranjith
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
