First, I asked this question here but no good results.
I have a JSP, Servlet, Hibernate application. In this application I have a very weird problem. That is, if the session got expired (in other words "time out") and when the user click on a link the page will be redirected to the index page, but after that the user is not able to log in and access the last link he clicked. I will describe it step by step in below.
1. User log into the application. Session get created.
2. He access the path /Passport 3. User is now idle, session get expired.
4. User come back and click on link to access /Visa . Since the session is now idle, user will be redirected to index page.
5. User log in.
6. Click on the link to access /Visa (from anywhere where the link is available)
. The link is an <a href> where it links to its path like
7. Now the problem. User is redirected back to index page.
I have `Filter` to monitor whether the session is `null` and whether the required session attributes are not `null`. If the request do not fulfill the mentioned 2 conditions, the request will be sent back to the index.
The filter code is below.
In web.xml, I have added the filter from servlet to servlet, like below.
Filter session timeout is configured as below.
So, what is happening here?
When the above error happens, the URL actually looks like `http://localhost:8080/xxx/Visa?idEmployee=1` even though it is redirected!
Forward is an 'internal' change of resource loaded - it changes the target page leaving the browser/client unaware.
A Redirect basically tells the client/browser "go to this url instead"
So if you are using a forward, I would not expect the URL to change .
The linked question has mentioned one possible answer that your request is being cached. You can confirm this using a browser developer tools (F12) on the Network tab, and actually see if it makes the request to the server, or just serves the page from the cache.
Using the standard "no-cache" headers on your pages should resolve that issue. We have an FAQ Page on that.