Well, there's no intermediary: I'm seeing this in NetBeans 7.0.1 with AT
6.0.26. and if my NoCache_Filter contains this:
// Force browser not to cache pages.
HttpServletResponse hsr = (HttpServletResponse) response;
hsr.setHeader("Cache-Control", "no-cache, no-store,
must-revalidate"); // HTTP 1.1.
hsr.setHeader("Pragma", "no-cache"); // HTTP 1.0.
hsr.setDateHeader("Expires", 0); // Proxies.
With the settings in web.xml as follows:
<filter-mapping>
<filter-name>NoCacheFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
So be it.
I can always edit the <url-pattern> to exclude certain pages anyway.
Thanks.
-----Original Message-----
From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: 12 Oct 2011 23 05
To: Tomcat Users List
Subject: RE: Application not logging out properly
> From: Martin O'Shea [mailto:app...@dsl.pipex.com]
> Subject: RE: Application not logging out properly
> But it doesn't explain why I can see the pages after session invalidation.
It certainly does. If the browser (or some other intermediary) is caching the
pages, they will be available for display. Try sniffing the network traffic at
both the browser and Tomcat ends to see who has the data.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
