Re: Redirect to an external page & inalidate the current session
Hi, On Mon, Mar 25, 2019 at 8:29 PM christophe wrote: > Hello > > The application I am working on has an "exit" option that must > 1) redirect the user to the corporate web home page > (www.thisCorporation.com) > 2) invalidate the session so that no one,especially an unauthorized user, > by > clicking on the back button, would be able to get back to the application > > I have tried the following: > cycle = currentPage.getRequestCycle(); > cycle.setResponsePage(new > RedirectPage("http://www.ThisCorporation.com;); > > It works however the session is still valid & any one can get back to it > > So I have tried the following: > cycle = currentPage.getRequestCycle(); > cycle.setResponsePage(new > RedirectPage("http://www.ThisCorporation.com;); > Is this Wicket 1.3/1.4 ? > session.invalidate(); > This gets me a "page expired exception" instead > > Can someone help me with the correct way of doing both (redirecting & > invalidating the session) please I have have spent hours on this for now > satisfactory results > Try with: session.invalidateNow(); throw new RedirectToUrlException("http://www.ThisCorporation.com;); > > Thank you > > > > -- > Sent from: > http://apache-wicket.1842946.n4.nabble.com/Users-forum-f1842947.html > > - > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > >
Re: Redirect to an external page & inalidate the current session
Hi, How are you adding security/authorization to your pages? On Mon, Mar 25, 2019 at 9:29 PM christophe wrote: > Hello > > The application I am working on has an "exit" option that must > 1) redirect the user to the corporate web home page > (www.thisCorporation.com) > 2) invalidate the session so that no one,especially an unauthorized user, > by > clicking on the back button, would be able to get back to the application > > I have tried the following: > cycle = currentPage.getRequestCycle(); > cycle.setResponsePage(new > RedirectPage("http://www.ThisCorporation.com;); > > It works however the session is still valid & any one can get back to it > > So I have tried the following: > cycle = currentPage.getRequestCycle(); > cycle.setResponsePage(new > RedirectPage("http://www.ThisCorporation.com;); > session.invalidate(); > This gets me a "page expired exception" instead > > Can someone help me with the correct way of doing both (redirecting & > invalidating the session) please I have have spent hours on this for now > satisfactory results > > Thank you > > > > -- > Sent from: > http://apache-wicket.1842946.n4.nabble.com/Users-forum-f1842947.html > > - > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > -- Regards - Ernesto Reinaldo Barreiro
Redirect to an external page & inalidate the current session
Hello The application I am working on has an "exit" option that must 1) redirect the user to the corporate web home page (www.thisCorporation.com) 2) invalidate the session so that no one,especially an unauthorized user, by clicking on the back button, would be able to get back to the application I have tried the following: cycle = currentPage.getRequestCycle(); cycle.setResponsePage(new RedirectPage("http://www.ThisCorporation.com;); It works however the session is still valid & any one can get back to it So I have tried the following: cycle = currentPage.getRequestCycle(); cycle.setResponsePage(new RedirectPage("http://www.ThisCorporation.com;); session.invalidate(); This gets me a "page expired exception" instead Can someone help me with the correct way of doing both (redirecting & invalidating the session) please I have have spent hours on this for now satisfactory results Thank you -- Sent from: http://apache-wicket.1842946.n4.nabble.com/Users-forum-f1842947.html - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org