I am using STATE_SAVING_METHOD set to client. I have a session scoped bean that performs login/logout methods and has two properties with public getter/setters, username & password.
The problem: 1. A user logs in successfully, does some work, logs out. 2. The session is invalidated when the user logs out. 3. Hit the browser back button until the user gets to the login page again, hit refresh, the user is logged in again without re-entering login information. Is this due to the session state being saved on the client within the view? More importantly, is there anyway to keep the successful login from happening with state_saving_method=client? Thanks. -- View this message in context: http://www.nabble.com/STATE_SAVING_METHOD-client-state-resubmitted-tf2327964.html#a6476425 Sent from the MyFaces - Users mailing list archive at Nabble.com.
