Hi,
I am trying to prevent replay attack in my web application. Here is problem, user logs out from session on shared computer but leaves browser open. Hacker clicks back on browser and hits refresh button. As a result, the authentication credentials are re-submitted and hacker is logged in. Is there anything in
J2EE security that can prevent this from happening.
Thanks
ML