In addtion, you might want to disable auto-session creation on some/all of your pages: http://javaalmanac.com/egs/javax.servlet.jsp/nosession.html?l=new
Dennis
| "Amleto Di Salle"
<[EMAIL PROTECTED]>
06/24/2004 10:53 AM
|
|
Hi,
one possible solution is to invalidate the session inside the
"LogoffAction".
HttpSession session = httpServletRequest.getSession( false );
if ( session != null ) {
session.invalidate();
}
If you have already done and the problem remains, maybe you are using
HttpServletRequest.getSession() method (or getSession(true)) inside the
Actions (or "BaseAction" if you use a base class for your all actions,
in order to validate the users).
BR
/Amleto
-----Messaggio originale-----
Da: Ricardo Andres Quintero [mailto:[EMAIL PROTECTED]
Inviato: giovedì 24 giugno 2004 15.41
A: [EMAIL PROTECTED]
Oggetto: Back Browser Button After Logout and Reload so that continue
working
Hello my friends
Followed i attach a message i found in the internet.
I have found some conceptual solutions about this problem,
but i DO need an example that works to solve it.
The conceptual solution talks about a token syncronizer. I don't know
how to write it.
Thank you in advanced.
<%-- THE PROBLEM --%>
Hello,
I used Struts to develop a web app which has a login form to permit
access to different functionnalities via a menu page. I use a session
var I set at login to check if the user has not logged out. The problem
that I have is, once I do the logoff, if I use the Back button of the
browser to the menu page and do a refresh a new session gets created and
I'm able to use the app. I have a filter to do the verification but I
tried before doing it in each Action and I have the same problem. I
don't access .jsp pages directly, I have an Action for each of them. I
read some posts but none seems to talk about my specific problem.
It sounds like a begginer caveat but I have no idea what should I do or
what am I doing wrong. Any help appreciated,
Cezar
<%-- END OF THE PROBLEM --%>
--
Ricardo Andrés Quintero R.
Ubiquando Ltda.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
