RE: Application not logging out properly

t: Re: Application not logging out properly >> Then they're going to be available in the browser cache until the >> browser chooses to discard them. You can't have it both ways. > >The OP could set expires headers that are relatively short-lived. That >way, the client

Re: Application not logging out properly

>> Then they're going to be available in the browser cache until the >> browser chooses to discard them. You can't have it both ways. > >The OP could set expires headers that are relatively short-lived. That >way, the client /should/ request a fresh page after, say, 30 minutes >or whatever the ses

RE: Application not logging out properly

Not HTTPS but it worth me checking as you advise. -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: 12 Oct 2011 23 16 To: Tomcat Users List Subject: RE: Application not logging out properly > From: Martin O'Shea [mailto:app...@dsl.p

RE: Application not logging out properly

> From: Martin O'Shea [mailto:app...@dsl.pipex.com] > Subject: RE: Application not logging out properly > But I can see these pages visited in the session just invalidated > by using the browser's back button after logging out. The session state is completely irreleva

RE: Application not logging out properly

r /* REQUEST FORWARD INCLUDE ERROR So be it. I can always edit the to exclude certain pages anyway. Thanks. -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: 12 Oct 2011 23 05 To: Tomcat Users List Subject: RE:

RE: Application not logging out properly

> From: Martin O'Shea [mailto:app...@dsl.pipex.com] > Subject: RE: Application not logging out properly > But it doesn't explain why I can see the pages after session invalidation. It certainly does. If the browser (or some other intermediary) is caching the pages, they wi

RE: Application not logging out properly

pages just visited. -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 12 Oct 2011 23 01 To: Tomcat Users List Subject: Re: Application not logging out properly -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin, On 10/12/2011 5:58 PM, Martin O&

Re: Application not logging out properly

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin, On 10/12/2011 6:01 PM, Martin O'Shea wrote: > I'm not disagreeing and have set a filter to this end. But it > doesn't explain why I can see the pages after session > invalidation. Your web browser has an on-disk cache. It's reading the files

RE: Application not logging out properly

cation not logging out properly -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, On 10/12/2011 5:30 PM, Caldarale, Charles R wrote: >> From: Martin O'Shea [mailto:app...@dsl.pipex.com] Subject: RE: >> Application not logging out properly > >> I would rather avoi

Re: Application not logging out properly

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin, On 10/12/2011 5:58 PM, Martin O'Shea wrote: > This is true of the current application, but also true of the other > Tomcat applications I have. > > But the others don't seem to have this problem. Which others? > I know the sessions are inva

Re: Application not logging out properly

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, On 10/12/2011 5:30 PM, Caldarale, Charles R wrote: >> From: Martin O'Shea [mailto:app...@dsl.pipex.com] Subject: RE: >> Application not logging out properly > >> I would rather avoid forcing the browser to r

RE: Application not logging out properly

t: RE: Application not logging out properly > From: Martin O'Shea [mailto:app...@dsl.pipex.com] > Subject: RE: Application not logging out properly > I would rather avoid forcing the browser to reload each page via the > appropriate headers. Then they're going to be available in

RE: Application not logging out properly

> From: Martin O'Shea [mailto:app...@dsl.pipex.com] > Subject: RE: Application not logging out properly > I would rather avoid forcing the browser to reload each > page via the appropriate headers. Then they're going to be available in the browser cache until the brows

RE: Application not logging out properly

I would rather avoid forcing the browser to reload each page via the appropriate headers. -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: 12 Oct 2011 22 18 To: Tomcat Users List Subject: RE: Application not logging out properly > From: Mar

RE: Application not logging out properly

List Subject: Re: Application not logging out properly Martin O'Shea wrote: > Hello > > > > I'm using Apache Tomcat 6.0.26 for an application where the majority > of the content is hidden behind a page requiring authenticated login. > This appears to work fine

Re: Application not logging out properly

Martin O'Shea wrote: Hello I'm using Apache Tomcat 6.0.26 for an application where the majority of the content is hidden behind a page requiring authenticated login. This appears to work fine but upon logout, I find I am able to browse back through some of the pages visited in the session.

RE: Application not logging out properly

> From: Martin O'Shea [mailto:app...@dsl.pipex.com] > Subject: Application not logging out properly > upon logout, I find I am able to browse back through some > of the pages visited in the session. Are you sure it's not the browser simply displaying previously cached pag

Application not logging out properly

Hello I'm using Apache Tomcat 6.0.26 for an application where the majority of the content is hidden behind a page requiring authenticated login. This appears to work fine but upon logout, I find I am able to browse back through some of the pages visited in the session. As far as I'm aware,