Hi, Michael,
What you suggest works fine. In this way, the URL is
changed from login.do to login.jsp. And in jsp, all
user information has been reinitialized so user has to
provide login information.
Thanks,
Bush
--- Michael Jouravlev <[EMAIL PROTECTED]> wrote:
> On 10/26/05, info3853 Bush <[EMAIL PROTECTED]>
> wrote:
> > I had a web application based on struts framework.
> Recently, I found that after you logout, you use the
> browser back button back to the login.do
> > page, the page shows the Page Time Out, however,
> if you click the refresh button, the page
> automatically login to the application without ask
> you any user information. Anyone has idea to handle
> this situation?
>
> After you log in, you must redirect to the success
> page instead of
> forwarding to it.
>
> What probably happens in your case, you log in and
> forward to success
> page. At this point success page is addressed with
> prior login
> request, so if you refresh success page, you will
> reinvoke login
> request. After you log in, you go back to success
> page and reload it,
> which reinvokes login request and bam, you logged in
> again.
>
> Michael.
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> For additional commands, e-mail:
> [EMAIL PROTECTED]
>
>
__________________________________
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
