 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / First Aid / May 2004help me ...
We've a site which on entry prompts for the user authentication. the user info is taken from the LDAP server and not from database. what's happening with our system is ---on the user logout it's showing the logout msg but 1) when clicked on the back button of the browser or 2) by selecting the home page url it's taking the user back to already visited pages of the site instead of prompting for authentication as the user is already logged out. the problem i think arising due to browser cache...which is keeping user details in it n getting refreshed on logout. but in logout.jsp session is being invalidated using session.invalidate() method i tried the follwing statements after invalidating the session response.setHeader("Cache-control","private,no-cache"); response.setHeader("Expires","-10000000"); response.setHeader("pragma","no-cache"); but of no use................... is it happenening bcoz the user data is stored on LDAP..? what is the cause for this behavior? plz can any one send me the code to me.... regards D.Sreenivas > We've a site which on entry prompts for the user authentication. > the user info is taken from the LDAP server and not from database. [quoted text clipped - 6 lines] > it's taking the user back to already visited pages of the site instead of > prompting for authentication as the user is already logged out. [snipped...] > but of no use................... > is it happenening bcoz the user data is stored on LDAP..? [snipped...] Unlikely, although consulting your server logs will tell you if the browser is fetching data after its authentification has expired, or whether it is the browser cache. My money is on a cache, either the browser's own cache, or a proxy between the client and server. ;-) There are a number of ways of trying to solve a cache problem, including making the page look like a CGI (using post or adding a ? to the end of the URL to fake a get method query) which many cache's will not retain. Also adding no-cache etc. headers. And using a cookie to stop back-tracking. But it sounds as if you have tried all of those already. -FISH- >< > There are a number of ways of trying to solve a cache problem, > including making the page look like a CGI (using post or adding a > ? to the end of the URL to fake a get method query) which many > cache's will not retain. Also adding no-cache etc. headers. And > using a cookie to stop back-tracking. But it sounds as if you > have tried all of those already. THE way to solve this is to add a "Cache-control: no-cache" header for HTTP 1.1 clients. Such clients are then non-conformant if they cache the pages. For older HTTP 1.0 clients, there is no such simple answer, though a "Pragma: no-cache" and "Expires: -1" may help.  Signaturewww.designacourse.com The Easiest Way to Train Anyone... Anywhere. Chris Smith - Lead Software Developer/Technical Trainer MindIQ Corporation Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.