Ah, my apologies - I missed the 'logged out' bit...
> -----Original Message-----
> From: java guru [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 16 August 2001 2:12 pm
> To: [EMAIL PROTECTED]
> Subject: RE: session-invalidator and back-button?
>
>
> What do u mean?..the original question was "once he
> logged out(which means the session is expired
> purposefully) and push back button, the page is still
> diplayed(from browser cache)"..
>
> According to this the session is programatically
> expired on logout so there is no session information
> stored on server..and even if the browser try to get
> the page from server, it would fail as the session is
> already expired...
>
> This is done very frequently in banking and public
> email systems...
>
> Again correct me if wrong..
>
Hey, please take it easy - it wasn't anything personal!
>
>
> --- "Morrison, John" <[EMAIL PROTECTED]>
> wrote: > No reason - if you expire the page then it
> will try
> > and get it again from
> > the server, if the session is still OK which keeps
> > your password you won't
> > be asked for it again. T'was just a though...
> >
> > > -----Original Message-----
> > > From: java guru [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, 16 August 2001 2:02 pm
> > > To: [EMAIL PROTECTED]
> > > Subject: RE: session-invalidator and back-button?
> > >
> > >
> > > Hi.,
> > > Correct me if i am wrong...why not use page
> > > expiration time in http headers?..
> > >
> > >
> > > --- "Morrison, John"
> > <[EMAIL PROTECTED]>
> > > wrote: > If you use the
> > javascript:location.replace (I
> > > > *think* that's what its
> > > > called) I don't *believe* that the new page is
> > added
> > > > to the history...
> > > >
> > > > > -----Original Message-----
> > > > > From: Enke Michael
> > > > [mailto:[EMAIL PROTECTED]]
> > > > > Sent: Thursday, 16 August 2001 1:54 pm
> > > > > To: [EMAIL PROTECTED]
> > > > > Subject: Re: session-invalidator and
> > back-button?
> > > > >
> > > > >
> > > > > But if I use e-mail or banking over internet,
> > > > > it is not possible to get the last page back.
> > > > > And there is no extra window, the back button
> > is
> > > > selectable.
> > > > > The server answers that an error occured or
> > that
> > > > > I have to login again.
> > > > >
> > > > > Is there a way in cocoon other than spawning
> > > > another browser window?
> > > > >
> > > > > Michael
> > > > >
> > > > > Adrian Geissel wrote:
> > > > > >
> > > > > > Hi Michael,
> > > > > >
> > > > > > I believe that the only way to solve such an
> > > > issue is to
> > > > > 'run' the protected
> > > > > > portion of your website in a spawned browser
> > > > window, and
> > > > > then when the user
> > > > > > log's out, to close that window. This will
> > > > ensure that the
> > > > > Back history,
> > > > > > which is local to a browser window, cannot
> > be
> > > > access with
> > > > > permission.
> > > > > >
> > > > > > Hope that this helps,
> > > > > > Adrian
> > > > > >
> > > > > > ----- Original Message -----
> > > > > > From: Enke Michael
> > > > <[EMAIL PROTECTED]>
> > > > > > To: <[EMAIL PROTECTED]>
> > > > > > Sent: Thursday, August 16, 2001 11:46 AM
> > > > > > Subject: session-invalidator and
> > back-button?
> > > > > >
> > > > > > > Hi,
> > > > > > > I tryed the web-application demo from
> > cocoon2
> > > > > > > where a login and logout can be performed.
> > > > > > > But after logout if I press the back
> > button of
> > > > my browser
> > > > > > > I get back into protected area without
> > > > authorization.
> > > > > > > How can this be avoided?
> > > > > > >
> > > > > > > Michael
> > > > > > >
> > > > > > >
> > > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------
> > > > > > > Please check that your question has not
> > > > already been
> > > > > answered in the
> > > > > > > FAQ before posting.
> > > > <http://xml.apache.org/cocoon/faqs.html>
> > > > > > >
> > > > > > > To unsubscribe, e-mail:
> > > > <[EMAIL PROTECTED]>
> > > > > > > For additional commands, e-mail:
> > > > > <[EMAIL PROTECTED]>
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------
> > > > > > Please check that your question has not
> > already
> > > > been answered in the
> > > > > > FAQ before posting.
> > > > <http://xml.apache.org/cocoon/faqs.html>
> > > > > >
> > > > > > To unsubscribe, e-mail:
> > > > <[EMAIL PROTECTED]>
> > > > > > For additional commands, e-mail:
> > > > <[EMAIL PROTECTED]>
> > > > >
> > > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------
> > > > > Please check that your question has not
> > already
> > > > been answered in the
> > > > > FAQ before posting.
> > > > <http://xml.apache.org/cocoon/faqs.html>
> > > > >
> > > > > To unsubscribe, e-mail:
> > > > <[EMAIL PROTECTED]>
> > > > > For additional commands, e-mail:
> > > > <[EMAIL PROTECTED]>
> > > > >
> > > >
> > > >
> > > >
> > >
> >
> ==============================================================
> > > =========
> > > > Information in this email and any attachments
> > are
> > > > confidential, and may
> > > > not be copied or used by anyone other than the
> > > > addressee, nor disclosed
> > > > to any third party without our permission.
> > There is
> > > > no intention to
> > > > create any legally binding contract or other
> > > > commitment through the use
> > > > of this email.
> > > >
> > > > Experian Limited (registration number 653331).
> > > > Registered office: Talbot House, Talbot Street,
> > > > Nottingham NG1 5HF
> > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------
> > > > Please check that your question has not already
> > been
> > > > answered in the
> > > > FAQ before posting.
> > > > <http://xml.apache.org/cocoon/faqs.html>
> > > >
> > > > To unsubscribe, e-mail:
> > > > <[EMAIL PROTECTED]>
> > > > For additional commands, e-mail:
> > > > <[EMAIL PROTECTED]>
> > > >
> > >
> > > =====
> > > Thanks and have great day
> > > srini
> > >
> > >
> >
> ____________________________________________________________
> > > Do You Yahoo!?
> > > Send a newsletter, share photos & files, conduct
> > polls,
> > > organize chat events. Visit
> > http://in.groups.yahoo.com.
> > >
> > >
> >
> ---------------------------------------------------------------------
> > > Please check that your question has not already
> > been answered in the
> > > FAQ before posting.
> > <http://xml.apache.org/cocoon/faqs.html>
> > >
> > > To unsubscribe, e-mail:
> > <[EMAIL PROTECTED]>
> > > For additional commands, e-mail:
> > <[EMAIL PROTECTED]>
> >
> === message truncated ===
>
> =====
> Thanks and have great day
> srini
>
> ____________________________________________________________
> Do You Yahoo!?
> Send a newsletter, share photos & files, conduct polls,
> organize chat events. Visit http://in.groups.yahoo.com.
>
> ---------------------------------------------------------------------
> Please check that your question has not already been answered in the
> FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
>
> To unsubscribe, e-mail: <[EMAIL PROTECTED]>
> For additional commands, e-mail: <[EMAIL PROTECTED]>
>
=======================================================================
Information in this email and any attachments are confidential, and may
not be copied or used by anyone other than the addressee, nor disclosed
to any third party without our permission. There is no intention to
create any legally binding contract or other commitment through the use
of this email.
Experian Limited (registration number 653331).
Registered office: Talbot House, Talbot Street, Nottingham NG1 5HF
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
