Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Protected resource

 
Shriniwas Deshpande
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi !
In my application, I am having a servlet which is a protected resource. So if user is not logged in, I am sending him/her to another servlet which accepts userid and password (login page). When I logged in, I go to the servlet (which is a protected resource). I visit one of the links there and if I press browser's back button, inspite of checking for whether user has logged in or not, I see login page again. This is happening only in IE, and not in Netscape 4.7. Can I get some input on this issue?
Thanking in adavance
-Shrini
 
Mark Simms
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Be sure to set the headers so the login page expires immediately:
<% response.addHeader("Pragma", "No-cache");
response.addHeader("Cache-Control", "no-cache");
response.addDateHeader("Expires", 1);
%>
(above assumes JSP for the login page)
if it's HTML, then I believe you can do the same thing in Javascript !
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic