AW: [WARNING] AW: Problem with user logout (Tapestry-Acegi)
hi jake, i did not mean the html-header but the http-header. i think that you can have a look at your online-banking application. they are probably doing the same thing. i remember an older thread in this mailing list about this topic. perhaps you should aks google ;-) -Ursprüngliche Nachricht- Von: jake123 [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 16. Februar 2007 15:26 An: users@tapestry.apache.org Betreff: Re: [WARNING] AW: Problem with user logout (Tapestry-Acegi) Hi Peter, thanks for your response, I tried to add in the head tag in all my pages that contains a secured annotation and then tried to logout and hit the back button on my browser and I still get the same result... I end up in the secured page... so it seems to not have any effect at all. My logout function looks like this: public String onLogOut(IRequestCycle cycle) { getSessionUserInfo().setUserRoles(null); getSessionUserInfo().setUserName(null); getSessionUserInfo().setPassword(null); /* RESET ACEGI AUTHENTICATION TO NULL */ SecurityContextHolder.clearContext(); return HomeDispatcher.PAGE_NAME; } Any other suggestions? Thanks again, Jacob -- View this message in context: http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a9005154 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [WARNING] AW: Problem with user logout (Tapestry-Acegi)
Hi Peter, thanks for your response, I tried to add in the head tag in all my pages that contains a secured annotation and then tried to logout and hit the back button on my browser and I still get the same result... I end up in the secured page... so it seems to not have any effect at all. My logout function looks like this: public String onLogOut(IRequestCycle cycle) { getSessionUserInfo().setUserRoles(null); getSessionUserInfo().setUserName(null); getSessionUserInfo().setPassword(null); /* RESET ACEGI AUTHENTICATION TO NULL */ SecurityContextHolder.clearContext(); return HomeDispatcher.PAGE_NAME; } Any other suggestions? Thanks again, Jacob -- View this message in context: http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a9005154 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: Problem with user logout (Tapestry-Acegi)
hi jacob, i think that this can be achieved by disabling the caching in the http response. Cache-Control: no-cache so that the browser tries to fetch a fresh version of this page. -Ursprüngliche Nachricht- Von: jake123 [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 15. Februar 2007 22:47 An: users@tapestry.apache.org Betreff: Problem with user logout (Tapestry-Acegi) Hi all, I have a problem when a logged in user are about to logout. If I only empty my user information in session object and using SecurityContextHolder.getContext().setAuthentication(null); to empty the acegi part the user can still come back to the secured page using the browsers back button. I need to make this not possible. Does anybody know how to solve this? Thanks, Jacob -- View this message in context: http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a8994383 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Problem with user logout (Tapestry-Acegi)
Hi all, I have a problem when a logged in user are about to logout. If I only empty my user information in session object and using SecurityContextHolder.getContext().setAuthentication(null); to empty the acegi part the user can still come back to the secured page using the browsers back button. I need to make this not possible. Does anybody know how to solve this? Thanks, Jacob -- View this message in context: http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a8994383 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]