session-related page:
%
if (session.getAttribute(USER) == null) {
response.sendRedirect(Login.do);
}
%
Or you may want to write a guard tag, see Ted Husted's MailReader
sample application for details. Or you may want to write a servlet
filter.
Michael.
On 12/1/05, info3853 Bush wrote
I noticed that in many web applications, after you logout from the
application, you can still use the browser back button to view some pages
you supposely shouldn't. Some web applications, like gmail, if you logout, and
click the back, it will always redirect the page to the login page.
, but not a proper message like page not
existed, etc.
Laurie Harper [EMAIL PROTECTED] wrote:
info3853 Bush wrote:
I noticed that in many web applications, after you logout from the
application, you can still use the browser back button to view some pages
you supposely shouldn't. Some web
Yes, I did that. Now all pages are blank. What I really wish is that after
logout, when user hit back button, the page goes back to login page, never
visit all pages visited before even just blank page now.
Michael Jouravlev [EMAIL PROTECTED] wrote: On 12/1/05, info3853 Bush wrote:
That's
=
httpServletRequest.getSession( false );
if ( session != null )
{
session.invalidate();
}
//go to index.jsp
return actionMapping.findForward( success );
} //end execute
} //end LogoffAction
- Original Message -
From: info3853 Bush [EMAIL
Hi, Michael,
What you suggest works fine. In this way, the URL is
changed from login.do to login.jsp. And in jsp, all
user information has been reinitialized so user has to
provide login information.
Thanks,
Bush
--- Michael Jouravlev [EMAIL PROTECTED] wrote:
On 10/26/05, info3853 Bush
I had a web application based on struts framework. Recently, I found that after
you logout, you use the browser back button back to the login.do
page, the page shows the Page Time Out, however, if you click the refresh
button, the page automatically login to the application without ask you any
In my logout method, we use the session.invalidate(); method and redirect the
page to login page again.
Dave Newton [EMAIL PROTECTED] wrote:info3853 Bush wrote:
Anyone has idea to handle this situation?
Sounds like your logout method is broken.
Dave
8 matches
Mail list logo