Thanks but, i think the problem is a little bit more complex than that.
Because when the user makes a reload in the page, a loginAction.do is sent, with the correct parameters, so that is normal a session doesn't exist like when a user logons for the first time. Here we are talking about secure servelt api like a struts dev wrote to the list but i dont know neither what he is talking about nor how to write it. i need a practical example. the other is to use JS, but it depends on the client, thing i wouldnt like to do but if there is not another solution.... ---------- Forwarded Message ----------- From: [EMAIL PROTECTED] To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Thu, 24 Jun 2004 11:00:30 -0400 Subject: Re: R: Back Browser Button After Logout and Reload so that continue working In addtion, you might want to disable auto-session creation on some/all of your pages: http://javaalmanac.com/egs/javax.servlet.jsp/nosession.html?l=new Dennis "Amleto Di Salle" <[EMAIL PROTECTED]> 06/24/2004 10:53 AM Please respond to "Struts Users Mailing List" <[EMAIL PROTECTED]> To "'Struts Users Mailing List'" <[EMAIL PROTECTED]> cc Subject R: Back Browser Button After Logout and Reload so that continue working Hi, one possible solution is to invalidate the session inside the "LogoffAction". HttpSession session = httpServletRequest.getSession( false ); if ( session != null ) { session.invalidate(); } If you have already done and the problem remains, maybe you are using HttpServletRequest.getSession() method (or getSession(true)) inside the Actions (or "BaseAction" if you use a base class for your all actions, in order to validate the users). BR /Amleto -----Messaggio originale----- Da: Ricardo Andres Quintero [mailto:[EMAIL PROTECTED] Inviato: giovedì 24 giugno 2004 15.41 A: [EMAIL PROTECTED] Oggetto: Back Browser Button After Logout and Reload so that continue working Hello my friends Followed i attach a message i found in the internet. I have found some conceptual solutions about this problem, but i DO need an example that works to solve it. The conceptual solution talks about a token syncronizer. I don't know how to write it. Thank you in advanced. <%-- THE PROBLEM --%> Hello, I used Struts to develop a web app which has a login form to permit access to different functionnalities via a menu page. I use a session var I set at login to check if the user has not logged out. The problem that I have is, once I do the logoff, if I use the Back button of the browser to the menu page and do a refresh a new session gets created and I'm able to use the app. I have a filter to do the verification but I tried before doing it in each Action and I have the same problem. I don't access .jsp pages directly, I have an Action for each of them. I read some posts but none seems to talk about my specific problem. It sounds like a begginer caveat but I have no idea what should I do or what am I doing wrong. Any help appreciated, Cezar <%-- END OF THE PROBLEM --%> -- Ricardo Andrés Quintero R. Ubiquando Ltda. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ------- End of Forwarded Message ------- -- Ricardo Andrés Quintero R. Ubiquando Ltda. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
