i have a richfaces application. when the user closes the browser and opens the app from history, the app will not be redirected to login page.
how can i achieve this? i think clearing browse cache will help..
i tried setting this:
<meta http-equiv="Pragma" content="no-store">
<meta http-equiv="Cache-Control" content="no-store">
<meta http-equiv="Expires" content="-1">
You probably aren't using the J2EE standard security system them. Things like this are why inventing your own security system is a Bad Idea.
The user's browser cache belongs to the user and is managed by the user's browser. Server-side code cannot clear it. And, in fact, server-supplied cache directives are hints and not commands. The browser may or may not honor them.
An IDE is no substitute for an Intelligent Developer.
Joined: Jul 11, 2011
could you post some sample which will help me in implementing it..
If you mean sample standard J2EE security, just pick up any basic book on servlets, JSPs, or introductory J2EE. A good way to find what you need in the index is to look for "form-based authentication". Just beware. Far too many of these sort of books also have examples that include a "sample login page" app. Which is how a lot of these problems get started.