This week's book giveaway is in the Big Data forum.
We're giving away four copies of Elasticsearch in Action and have Radu Gheorghe & Matthew Lee Hinman on-line!
See this thread for details.
The moose likes Servlets and the fly likes Protected resource Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Elasticsearch in Action this week in the Big Data forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Protected resource" Watch "Protected resource" New topic

Protected resource

Shriniwas Deshpande

Joined: Apr 05, 2001
Posts: 1
Hi !
In my application, I am having a servlet which is a protected resource. So if user is not logged in, I am sending him/her to another servlet which accepts userid and password (login page). When I logged in, I go to the servlet (which is a protected resource). I visit one of the links there and if I press browser's back button, inspite of checking for whether user has logged in or not, I see login page again. This is happening only in IE, and not in Netscape 4.7. Can I get some input on this issue?
Thanking in adavance
Mark Simms
Ranch Hand

Joined: Jul 20, 2000
Posts: 36
Be sure to set the headers so the login page expires immediately:
<% response.addHeader("Pragma", "No-cache");
response.addHeader("Cache-Control", "no-cache");
response.addDateHeader("Expires", 1);
(above assumes JSP for the login page)
if it's HTML, then I believe you can do the same thing in Javascript !

Don't get me started about those stupid light bulbs.
subject: Protected resource