Is it possible that either i should only put these header in the logout
action
where i am removing the session and den redirecting the user to index page
something like this
HttpServletResponse response=null;
response=ServletActionContext.getResponse();
response.setHeader("Pragma", "no-cache");
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Expires", "0");
or can we create a interceptor which can do this for all the request wheer
we want this feature??
2009/1/21 shekher awasthi <shekher.awas...@gmail.com>
> i tried using setting the eader values but they are not working as expected
> i can even
>
> go and move back using broswer back button.
>
> if i will find anything helpfull will share with you
> till then hard luck
> :)
>
> 2009/1/21 Paweł Wielgus <poulw...@gmail.com>
>
> Hi Shekher,
>> what i meant is that it can be done from server side.
>> Check for example Your e-banking application, i did it on mine :-).
>> There, when You press back button browser won't serve You cached page
>> but ask server for fresh one - this is controlled with content-cache
>> and pragma, but i can't be more helpfull to You here because i haven't
>> done it before.
>>
>> Best greetings,
>> Paweł Wielgus.
>>
>>
>> 2009/1/21 shekher awasthi <shekher.awas...@gmail.com>:
>> > Hi Paweł,
>> >
>> > thats true it only send request to server if i will refresh the page
>> and
>> > for that i have already custom interceptor places which is checking the
>> user
>> > object in session in order to confirm that the request is from
>> authorized
>> > user
>> >
>> > but when i make use of back button it serve the page from the local
>> > chache,so the problem is related to client side more than that of server
>> > handling
>> >
>> > still trying to find a firm solution for it
>> >
>> > 2009/1/20 Paweł Wielgus <poulw...@gmail.com>
>> >
>> >> Hi Shekher,
>> >> first try this scenario:
>> >> 1. logout user
>> >> 2. back button - check for logs if action was fired
>> >> 3. refresh page - check for logs if action was fired
>> >> Most likely only the 3. will fire action because browser will serve
>> >> cached version of that page.
>> >> I was about to write that to deal with it You can use https scheme,
>> >> but i just got it checked and it's not true. So maybe using pragma and
>> >> or cache-control will do?
>> >>
>> >> Still user can disable javascript so solution with script might not
>> work.
>> >> If You find out anything more please let us know.
>> >>
>> >> Best greetings,
>> >> Paweł Wielgus.
>> >>
>> >>
>> >> 2009/1/20 Robert Graf-Waczenski <r...@lsoft.com>:
>> >> > You don't write if the browser back button is supposed to be
>> functional
>> >> in
>> >> > your application (in many cases it is not, but YMMV).
>> >> >
>> >> > If you want to disable the browser back button, use the code below in
>> all
>> >> > your pages:
>> >> >
>> >> > <script type="text/javascript">
>> >> > history.forward();
>> >> > </script>
>> >> >
>> >> > I'm not aware of any feature in Struts2 that deals with the browser
>> back
>> >> > button.
>> >> >
>> >> > Robert
>> >> >
>> >> >
>> >> > shekher awasthi wrote:
>> >> >>
>> >> >> Hi All,
>> >> >>
>> >> >> in the process of developing application using struts 2.0.11, i came
>> >> >> across
>> >> >> the problem of handling browser back/forward button.
>> >> >>
>> >> >> This problem is occurring when we will logout the user.On Clicking
>> the
>> >> >> logout button we are currently removing the user from the session
>> >> >>
>> >> >> and it worked fine for us. After the successful logout process user
>> will
>> >> >> be
>> >> >> redirected to the index page(which have the login field),
>> >> >>
>> >> >> but when user hits the browser back button he is getting himself
>> there
>> >> in
>> >> >> the secure page even we have remove the user object from the session
>> >> >>
>> >> >> below is the code we are using for removing the user
>> >> >>
>> >> >> session.remove(BSConstant.USER);
>> >> >>
>> >> >> i am clueless where we are doing wrong , as we think we are having
>> two
>> >> >> points
>> >> >>
>> >> >> 1) Either the user is not getting removed from the session,but the
>> >> chances
>> >> >> are very less as for all other call after logout it is forcing the
>> user
>> >> to
>> >> >> login first.
>> >> >>
>> >> >> 2) Back button handling is not there
>> >> >>
>> >> >> my question is, Is there any way in struts2 to handle browser
>> >> back/forward
>> >> >> button or do i need to use some other technique like
>> >> >>
>> >> >> setting response header
>> >> >>
>> >> >> any suggestion in this regard will be much appreciated.
>> >> >>
>> >> >> -s
>> >> >>
>> >> >>
>> >> >
>> >> >
>> >> > ---------------------------------------------------------------------
>> >> > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> >> > For additional commands, e-mail: user-h...@struts.apache.org
>> >> >
>> >> >
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> >> For additional commands, e-mail: user-h...@struts.apache.org
>> >>
>> >>
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> For additional commands, e-mail: user-h...@struts.apache.org
>>
>>
>
