Em Wed, 24 Sep 2008 23:00:15 -0300, wesley <[EMAIL PROTECTED]>
escreveu:
i've implemented some projects which is spring2+T5 integrated. I followed
most of the tutorial from book and some tips from forums. The
implementation of my user authentication is using "ASO" to control the
access of
unauthorized users. But on my testing, right after i logout, i still be
able to view the previous page which shouldn't.
AFAIK, your problem is not related to back button. Retyping the last URL
would have the same effect.
In your logout method, you need to invalidate (kill) the user session,
because otherwise it is kept until it expires by lack of user interaction.
You can use the Session.invalidate() method to do this in your logout page:
@Inject
private Session session;
// in some method called by your logout logic
session.invalidate();
How do you implement the user logout?
Thiago
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
