This week's book giveaway is in the Agile and Other Processes forum. We're giving away four copies of Darcy DeClute's Scrum Master Certification Guide: The Definitive Resource for Passing the CSM and PSM Exams and have Darcy DeClute on-line! See this thread for details.
i am creating a web appliction in which i want
if the user is been logout once then he should not be able to access the home page by simply pressing the back button...
i tried different things but it didn't work...
Please be sure to use code tags when posting code to the forums. Unformatted code is extremely hard to read and many people that might be able to help you will just move along to posts that are easier to read. Please read this for more information.
You can go back and change your post to add code tags by clicking the button on your post.
1. Please store your attribute in a session, not the request: NOT this request.setAttribute("uname",name);
2. Disable the browser's cache otherwise the user can preview the previous cached page. The homepage should have a check for whether the username stored in the session is null. As an aside, preview authentication standards from other sources, google it
guys still i am in the same problem...can anyone give me any suggestions to handle it on server side...
after logout the user is sent back to the login page and there if he press the back button the request should go to the controller and
check whether is he properly logged in if yes allow him other wise display the login page...
Create a Cookie object and send it (response.addCookie(Cookie)) when the user logs in. Before a secure page loads, check whether this cookie exists.
Upon logout delete this cookie (using 'setMaxAge(0)' and then send it).