You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Mohan <mo...@infotechsw.com> on 2005/05/24 07:05:48 UTC
Session-Problem
Hi All,
I have problem in my application.In My application I have login and log
out functionality.When user clicks log-out I am removing the session and I
am redirectiong to Login page.So far it is working fine.But problem starts
here.If user clicks the back button of browser window.He is able to see the
last visited page .But I want to restrict him like ,once the user is logged
out .and if he clicks the back button I want him to redirect to the login
page or showing some message.
thanks and regards,
Mohan.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session-Problem
Posted by Viktar Duzh <du...@tut.by>.
Hi,
Try the following in yor struts-config file:
<controller nocache="true"/>
According to the struts-config.dtd file:
nocache Set to "true" if you want the controller to add HTTP
headers for defeating caching to every response from
this module. [false]
It should help.
Regards,
-- Viktar
----- Original Message -----
From: "Jorge Chacón Souto" <jo...@mundo-r.com>
To: "Struts Users Mailing List" <us...@struts.apache.org>
Sent: Tuesday, May 24, 2005 9:56 AM
Subject: Re: Session-Problem
>
> Hello,
>
> I have the same problem some days ago. I found two solutions: using
> https(SSL) in the web server (if SSL really fits to your application
> security requirements), since SSL web pages are not cached, or telling the
> browser to don't cache the JSP page, so when the user clicks the back
> button the browser will have to send a request.
>
> response.setHeader("Cache-Control","no-cache"); //Forces caches
> to obtain a new copy of the page from the origin server
> response.setHeader("Cache-Control","no-store"); //Directs
> caches not to store the page under any circumstance
> response.setDateHeader("Expires", 0); //Causes the proxy cache
> to see the page as "stale"
> response.setHeader("Pragma","no-cache"); //HTTP 1.0 backward
> compatibility
>
> More details on:
>
> http://www.javaworld.com/javaworld/jw-09-2004/jw-0927-logout.html
>
> Jorge.
>
>
> Mohan escribió:
>
>>Hi All,
>>
>>
>> I have problem in my application.In My application I have login and
>> log
>>out functionality.When user clicks log-out I am removing the session and I
>>am redirectiong to Login page.So far it is working fine.But problem starts
>>here.If user clicks the back button of browser window.He is able to see
>>the
>>last visited page .But I want to restrict him like ,once the user is
>>logged
>>out .and if he clicks the back button I want him to redirect to the login
>>page or showing some message.
>>
>>thanks and regards,
>>Mohan.
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>>For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Session-Problem
Posted by Jorge Chacón Souto <jo...@mundo-r.com>.
Hello,
I have the same problem some days ago. I found two solutions: using
https(SSL) in the web server (if SSL really fits to your application
security requirements), since SSL web pages are not cached, or telling
the browser to don't cache the JSP page, so when the user clicks the
back button the browser will have to send a request.
response.setHeader("Cache-Control","no-cache"); //Forces
caches to obtain a new copy of the page from the origin server
response.setHeader("Cache-Control","no-store"); //Directs
caches not to store the page under any circumstance
response.setDateHeader("Expires", 0); //Causes the proxy
cache to see the page as "stale"
response.setHeader("Pragma","no-cache"); //HTTP 1.0 backward
compatibility
More details on:
http://www.javaworld.com/javaworld/jw-09-2004/jw-0927-logout.html
Jorge.
Mohan escribió:
>Hi All,
>
>
> I have problem in my application.In My application I have login and log
>out functionality.When user clicks log-out I am removing the session and I
>am redirectiong to Login page.So far it is working fine.But problem starts
>here.If user clicks the back button of browser window.He is able to see the
>last visited page .But I want to restrict him like ,once the user is logged
>out .and if he clicks the back button I want him to redirect to the login
>page or showing some message.
>
>thanks and regards,
>Mohan.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>For additional commands, e-mail: user-help@struts.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org