Hi Brad,
Isn't suggested not to use with Struts direct links to the jsp pages?
>><a href="javascript:location.replace('somePageName.jsp')" ></a>
I don't recall exactly if this is the code needed to "erase"/change the
location
but it looks just like simple html link and still I think this doesn't solve
my refresh problem I mentioned before
Cezar
-----Original Message-----
From: Brad Balmer [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 8:07 AM
To: Struts Users Mailing List
Subject: Re: Whats the security trick for not permiting the browser back
button on SignOut?
I ran into a similar problem with my login application. What I did was
simply replace the page name that is put in the history with a page that
I wanted.
<a href="javascript:location.replace('somePageName.jsp')" ></a>
Cezar Nasui wrote:
>Hi Henry,
>
>The problem I noticed is if you go Back to the first page after login and
>make a refresh on that page you will be able to navigate again in your app
>as a new session is created 'cause refresh re-post the login data.
>Your app does that? Do you know any solution for this one?
>I think with some JavaScript you can erase the history of the Back button.
I
>don;t recall exaclty the code but I'll look for it. What I want to know is
>if it's a good method as we know we shouldn't rely on user's settings (ex.
>Javascript not enabled).
>
>Cezar
>
>-----Original Message-----
>From: Henry Voyer [mailto:[EMAIL PROTECTED]
>Sent: Wednesday, August 20, 2003 7:30 PM
>To: [EMAIL PROTECTED]
>Subject: Whats the security trick for not permiting the browser back
>button on SignOut?
>
>
>Hi fellow Strutser
>
>I have implemented securityFilter (http://securityFilter.org) in my struts
>app.
>But once i log off i can press the browsers back button and go back to the
>users content page.
>He cant do any action since the securityFilter dont let him but he can
still
>see the pages he already accessed. i would like to know how to implement
>the redirection to signIn page for the browser back button once he SignOut.
>
>I have seen the examples of the Apache Admin site and the security app
>examples but i cant find how they do this.
>
>So guys whats the trick?
>
>Regards and thanks for all those who worked on the securityFilter and
struts
>examples.
>
>_________________________________________________________________
>Add photos to your e-mail with MSN 8. Get 2 months FREE*.
>http://join.msn.com/?page=features/featuredemail
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
>---
>Incoming mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.509 / Virus Database: 306 - Release Date: 8/12/2003
>
>---
>Outgoing mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.509 / Virus Database: 306 - Release Date: 8/12/2003
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.509 / Virus Database: 306 - Release Date: 8/12/2003
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
