File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes Protected resource Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Protected resource" Watch "Protected resource" New topic

Protected resource

Shriniwas Deshpande

Joined: Apr 05, 2001
Posts: 1
Hi !
In my application, I am having a servlet which is a protected resource. So if user is not logged in, I am sending him/her to another servlet which accepts userid and password (login page). When I logged in, I go to the servlet (which is a protected resource). I visit one of the links there and if I press browser's back button, inspite of checking for whether user has logged in or not, I see login page again. This is happening only in IE, and not in Netscape 4.7. Can I get some input on this issue?
Thanking in adavance
Mark Simms
Ranch Hand

Joined: Jul 20, 2000
Posts: 36
Be sure to set the headers so the login page expires immediately:
<% response.addHeader("Pragma", "No-cache");
response.addHeader("Cache-Control", "no-cache");
response.addDateHeader("Expires", 1);
(above assumes JSP for the login page)
if it's HTML, then I believe you can do the same thing in Javascript !

I agree. Here's the link:
subject: Protected resource
It's not a secret anymore!