| Author |
Getting logout to work effectively in jsp
|
Vic Hood
Ranch Hand
Joined: Jan 05, 2011
Posts: 477
|
|
Hi Folks,
Im trying to logout a user from my web application using the servlet code below.
and assigning the above servlet to a logout link, now the above works correctly ,But it would allow the person to be able to see a protected screen below to a particular user by clicking browser back button , even though any action after that forces the user to login . Is there any way I can prevent an unauthorised user from viewing protected content by hitting the back button of the browser?
Thanks
|
Learning and Learning!-- Java all the way!
|
 |
Tarun Bolla
Ranch Hand
Joined: Jun 20, 2011
Posts: 85
|
|
Hi....
I suggest you use a client side cookie...say IsLoggedIn. if the content of IsLoggedIn is "true"(check in onload javascript), let it be. If its not, redirect to login page. You would set the cookie in server code in login page. You would clear the cookie in server code in logout page. Dont remove any server side validation for session. Keep it as it is...
Hope this helps...
|
|
Vic Hood
Ranch Hand
Joined: Jan 05, 2011
Posts: 477
|
|
|
Thank you for your suggestion!
|
|
Vic Hood
Ranch Hand
Joined: Jan 05, 2011
Posts: 477
|
|
Uh just as an update, I found a work around to the situation rather than implementing the client side script on all pages . I cleared the cache through a filter , and solved the problem . May help any one facing similar issues in the future
|
|
Tarun Bolla
Ranch Hand
Joined: Jun 20, 2011
Posts: 85
|
|
|
Hi Vic...What do you mean by clearing cache through a filter? Could you elaborate it!
|
|
Bear Bibeault
Author and ninkuma
Marshal
Joined: Jan 10, 2002
Posts: 56168
|
|
|
See the JspFaq.
|
[Smart Questions] [JSP FAQ] [Books by Bear] [Bear's FrontMan] [About Bear]
|
|
 |
|
|
subject: Getting logout to work effectively in jsp
|
|
|
0
