• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Avoid moving back & forward in browser using struts 2

 
Ranch Hand
Posts: 136
Netbeans IDE MySQL Database Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
After session expiry am moving current page to login page. If the user clicks on the back or forward button in the browser, it redirects to previous page instead of showing login page. I tried with interceptors to expire the session and to avoid the cache store but still the page moves to previous page instead of login. My code as follows,




let me know if i can solve this in any other way.
 
Bartender
Posts: 9626
16
Mac OS X Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Clearing the cache only makes the browser reload the page from the server. To secure a resource, the best practice is to use the JEE Declaritive Security mechanism built into the servlet container.
 
Sabarish Venkat
Ranch Hand
Posts: 136
Netbeans IDE MySQL Database Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thank you Joe, I reviewed those information. I don't want to add security in a simple application. Consider i have a login page and a inner page. After login am showing the inner page it contains tables with data from database, when i logout am expiring the session and showing the login page. From the browser when i click the back button it shows the previous page (i.e inner page) with the tables and the data. When i check the session it shows "null". This is my problem, how to avoid this scenario
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
By adding security.
 
Joe Ess
Bartender
Posts: 9626
16
Mac OS X Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm with Bear.

Sabarish Venkat wrote:I don't want to add security in a simple application. Consider i have a login page and a inner page. After login am showing the inner page



It sounds like you do have security, it's just poorly implemented. You can create your own security scheme, perhaps by creating a custom interceptor and/or JSP tag that checks for the session and redirects to the login page if there is none. Of course, whether this is easier than simply configuring the web.xml to restrict resources is debatable. It will be less secure and less portable than the well-tested and debugged JEE security mechanism.
 
reply
    Bookmark Topic Watch Topic
  • New Topic