Hi all,
I am using tapestry-spring-security version 2.0.0-SNAPSHOT (awesome plugin
btw) and everything seems to work perfectly except when the combined steps
are executed below:
- go to a secured page with a form on it. i.e. @Secured("ROLE_ADMIN") public
class ...
- logout using the LogoutService (which then redirects to the login page)
- click the back button on the browser (so I'm on the previous page with the
secured form on it)
- click the submit button
The form submission is processed as normal without checking the users
permissions or if the user is even logged in. I have even tried adding
@Secured to the form processing method but I still get the same results. I
have also verified by going to another page that the user is truly logged
out. Has anyone else run into this issue or suggest a workaround?
thanks,
B
--
View this message in context:
http://www.nabble.com/T5%3A-tapestry-spring-security-still-processes-form-submissions-after-logout-tp19428417p19428417.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
