Re: Doubt about sessions...

Thu, 3 Feb 2000 23:53:25 -0800 

Hi

Simpelest solution is to include the no-cache meta tag in the html header
(put the header at the bottom of the html page) + also put in expires meta
tag
or get ur page devided into two frames, give the upper frame zero percent
and lower 100% and play ur site in the lower frame, nothing will go into
history
regards

or validate each operation for user type...

but why balming sessions... ur problem does not relate to sessions at all...

vaince


-----Original Message-----
From: A mailing list for discussion about Sun Microsystem's Java Servlet
API Technology. [mailto:[EMAIL PROTECTED]]On Behalf Of Punam
Chordia
Sent: Thursday, February 03, 2000 8:09 AM
To: [EMAIL PROTECTED]
Subject: Doubt about sessions...


Hi friends,
I have a doubt regarding sessions.
Initially i shall give a background of what iam trying to do.
I have a system in which a user logs in and according to
his priority a menu is displayed.
Suppose, a higher priority user performs the following steps:
*        logs in
*       performs some task
*       logs out.
Now when he logs in i will create a new session for him.
Say he has session ID 1.
When he logs out, i will invalidate the session.
Now IN THE SAME BROWSER WINDOW, another user logs in, who is of lesser
priority
that the previous user.Say he gets a session id 2.
 He can use the back button of the browser to access the high priority
user's screen
and perform any functionality as the servlet will just validate the session
id(2 is valid)
and let the user perform the task.
I dont want this to happen.
Any pointers are most welcome.

Regards,

Punam Chordia
ITL Infosys
Pune Infotech Park
91-02139-32800 Extn. 2025

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to