On Fri, 2011-11-04 at 07:16 -0700, Léa Massiot wrote: > Hello, > > Thank you for reading my post. > > Maybe my question is not purely related to "Tomcat" but here is my problem: > - a user logs into my Webapp; > - his session expires; > - if he: > - presses the F5 key (browser refresh functionality),
This creates a new session for the user with _none_ of the objects from the old session in it (because it expired). > - goes back to the previous screen using the browser "go back one > page" button... > all that was stored in the session is lost and the Webapp behaviour is > uncertain. "Uncertain" is a bit vague. This could be a design problem in the app, e.g. if some objects are simply assuming that the session contains certain other objects then you should expect unexpected behaviour. My guess is the behaviours you see are quite certain, just not well understood. > Instead, I wish I go direct him to the Webapp log in page. If every page in the web app is supposed to require authentication you need to declare that in web.xml. I'm assuming (perhaps incorrectly) you've already got some declaration in there for form authentication? > > My Webapp "itself" behaves properly. > My problem occurs only if the user uses browser functionalities or buttons. > > I don't know how to deal with that issue. > Can you help me? > > Best regards, > -- > Léa --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
