You can find some documentation in Jakarta Struts 1.1(Wrox Series.) abt how
to use Tokens , but iam not sure how far it is helpful to solve your problem
On 12/19/05, Priya Saloni <[EMAIL PROTECTED]> wrote:
>
> Here is my Code,
>
> request.getSession().removeAttribute("sessionState");
> request.getSession().invalidate();
> response.sendRedirect("/BMS/logout_success.jsp");
>
> It invalidates properly but when i hit back button its asking to
> resubmit.Iread it some where that by implementing Tokens we can avoid
> this
> problem.Any one have idea where i can get the example application to work
> with Transaction Tokens..
>
> Thanks
>
> Priya
>
> On 12/16/05, Martin Gainty <[EMAIL PROTECTED]> wrote:
> >
> > just as a quick sanity check
> >
> > HTTPSession strSession = request.getSession(false);
> > strSession.removeAttribute("sessionState");
> >
> > strSession = session.getId();
> > while(strSession != null)
> > { //session information is still there
> > session.invalidate();
> > strSession = session.getId();
> > }
> > response.sendRedirect("/BMS/logout_success.jsp");
> >
> > //To clear the cache I would place these meta-commands in the head
> > <meta http-equiv="Cache-Control" content="no-cache, no-store,
> > must-revalidate">
> > <meta http-equiv="pragma" content="no-cache">
> > <meta http-equiv="expires" content="0">
> >
> > Then again that message appears to be specific to IE on XP SP2
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;890178
> >
> > Anyone else?
> > M-
> >
> > ----- Original Message -----
> > From: "Priya Saloni" <[EMAIL PROTECTED]>
> > To: "Struts Users Mailing List" <user@struts.apache.org>
> > Cc: "Garner, Nigel M" <[EMAIL PROTECTED]>
> > Sent: Friday, December 16, 2005 1:46 PM
> > Subject: Re: Back Button Problem..
> >
> >
> > Thanks for your time.But i can't use Appuse at this time because my
> > project
> > ready for production(Except this problem).
> >
> > Priya
> >
> >
> > On 12/16/05, Garner, Nigel M <[EMAIL PROTECTED]> wrote:
> > >
> > > You could always use a ServletFilter to make sure that users never
> have
> > > access to pages that you don't want them to. By checking for a user
> > > object or something like the sessionState object then you could
> > > determine whether or not the user is logged in. If not then it will
> > > allow you to redirect the user to where ever you want.
> > >
> > > I have used them on a number of occasion for this purpose and I think
> > > the struts appfuse projected (see struts.sourceforge.net) provide a
> > > downloadable implementation.
> > >
> > > Thanks
> > > Nigel
> > >
> > > -----Original Message-----
> > > From: Priya Saloni [mailto:[EMAIL PROTECTED]
> > > Sent: 16 December 2005 14:49
> > > To: Struts Users Mailing List
> > > Subject: Back Button Problem..
> > >
> > > Hi there,
> > >
> > > I facing a BIG problem in my struts based application.When i logout my
> > > website and hit back button it showing a page like the following
> > >
> > > //
> > > Warning: Page has Expired
> > > The page you requested was created using information you submitted in
> a
> > > form. This page is no longer available. As a security precaution,
> > > Internet Explorer does not automatically resubmit your information for
> > > you.
> > >
> > > To resubmit your information and view this Web page, click the
> > > *Refresh*button.
> > >
> > >
> > > //
> > >
> > > When i refresh the page its showing the secured web pages too.My code
> in
> > > LogoutAction is as follows
> > >
> > > request.getSession().removeAttribute("sessionState");
> > > request.getSession().invalidate();
> > > response.sendRedirect("/BMS/logout_success.jsp");
> > >
> > > sessionState is the VO where iam keeping all the objects i want to
> keep
> > > in session..Is there any way in struts to make sure that it won't
> > > display the page like above..
> > >
> > > Thanks
> > >
> > > Priya.
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
--
Thanks & RegardsSrinivas732-648-9421(Cell)
