Hi Gurpreet, You're correct. the authentication filters ensure that subject.isAuthenticated() == true before allowing the request to continue. No need to check again in your code. And yes, a back-button request will go back to a cached page, but if the cache has expired, it will go back to the server.
Regards, Les On Thu, Jul 30, 2009 at 11:01 AM, gkaur<[email protected]> wrote: > > Hi > > > My question is that if I am applying my authc filter to anything that comes > into the my app...something like > /contactcenter/**=authc then is there a point of checking > currentUser.isAuthenticated() is my servlet? > > Do they both do the same thing? > > What happens when a user hits the back button after logging out? I > understand that if the page isn't cached then it should go back to the > appserver. > > Thank you > -Gurpreet > -- > View this message in context: > http://n2.nabble.com/authc-filter-and-isAuthenticated%28%29-tp3356843p3356843.html > Sent from the Shiro User mailing list archive at Nabble.com. >
