cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From java guru <javacoc...@yahoo.co.in>
Subject RE: session-invalidator and back-button?
Date Thu, 16 Aug 2001 13:18:06 GMT
Hi buddy.,
   This is community project...so nothing is
personal:-)..i apologize is my words sounded so...

Have good time..


 --- "Morrison, John" <John.Morrison@uk.experian.com>
wrote: > Ah, my apologies - I missed the 'logged out'
bit...
> 
> > -----Original Message-----
> > From: java guru [mailto:javacocoon@yahoo.co.in]
> > Sent: Thursday, 16 August 2001 2:12 pm
> > To: cocoon-users@xml.apache.org
> > Subject: RE: session-invalidator and back-button?
> > 
> > 
> > What do u mean?..the original question was "once
> he
> > logged out(which means the session is expired
> > purposefully) and push back button, the page is
> still
> > diplayed(from browser cache)"..
> > 
> > According to this the session is programatically
> > expired on logout so there is no session
> information
> > stored on server..and even if the browser try to
> get
> > the page from server, it would fail as the session
> is
> > already expired...
> > 
> > This is done very frequently in banking and public
> > email systems...
> > 
> > Again correct me if wrong..
> > 
> 
> Hey, please take it easy - it wasn't anything
> personal!
> 
> > 
> > 
> >  --- "Morrison, John"
> <John.Morrison@uk.experian.com>
> > wrote: > No reason - if you expire the page then
> it
> > will try
> > > and get it again from
> > > the server, if the session is still OK which
> keeps
> > > your password you won't
> > > be asked for it again.  T'was just a though...
> > > 
> > > > -----Original Message-----
> > > > From: java guru
> [mailto:javacocoon@yahoo.co.in]
> > > > Sent: Thursday, 16 August 2001 2:02 pm
> > > > To: cocoon-users@xml.apache.org
> > > > Subject: RE: session-invalidator and
> back-button?
> > > > 
> > > > 
> > > > Hi.,
> > > >   Correct me if i am wrong...why not use page
> > > > expiration time in http headers?..
> > > > 
> > > > 
> > > >  --- "Morrison, John"
> > > <John.Morrison@uk.experian.com>
> > > > wrote: > If you use the
> > > javascript:location.replace (I
> > > > > *think* that's what its
> > > > > called) I don't *believe* that the new page
> is
> > > added
> > > > > to the history...
> > > > > 
> > > > > > -----Original Message-----
> > > > > > From: Enke Michael
> > > > > [mailto:Michael.Enke@wincor-nixdorf.com]
> > > > > > Sent: Thursday, 16 August 2001 1:54 pm
> > > > > > To: cocoon-users@xml.apache.org
> > > > > > Subject: Re: session-invalidator and
> > > back-button?
> > > > > > 
> > > > > > 
> > > > > > But if I use e-mail or banking over
> internet,
> > > > > > it is not possible to get the last page
> back.
> > > > > > And there is no extra window, the back
> button
> > > is
> > > > > selectable.
> > > > > > The server answers that an error occured
> or
> > > that
> > > > > > I have to login again.
> > > > > > 
> > > > > > Is there a way in cocoon other than
> spawning
> > > > > another browser window?
> > > > > > 
> > > > > > Michael
> > > > > > 
> > > > > > Adrian Geissel wrote:
> > > > > > > 
> > > > > > > Hi Michael,
> > > > > > > 
> > > > > > > I believe that the only way to solve
> such an
> > > > > issue is to 
> > > > > > 'run' the protected
> > > > > > > portion of your website in a spawned
> browser
> > > > > window, and 
> > > > > > then when the user
> > > > > > > log's out, to close that window. This
> will
> > > > > ensure that the 
> > > > > > Back history,
> > > > > > > which is local to a browser window,
> cannot
> > > be
> > > > > access with 
> > > > > > permission.
> > > > > > > 
> > > > > > > Hope that this helps,
> > > > > > > Adrian
> > > > > > > 
> > > > > > > ----- Original Message -----
> > > > > > > From: Enke Michael
> > > > > <Michael.Enke@wincor-nixdorf.com>
> > > > > > > To: <cocoon-users@xml.apache.org>
> > > > > > > Sent: Thursday, August 16, 2001 11:46 AM
> > > > > > > Subject: session-invalidator and
> > > back-button?
> > > > > > > 
> > > > > > > > Hi,
> > > > > > > > I tryed the web-application demo from
> > > cocoon2
> > > > > > > > where a login and logout can be
> performed.
> > > > > > > > But after logout if I press the back
> > > button of
> > > > > my browser
> > > > > > > > I get back into protected area without
> > > > > authorization.
> > > > > > > > How can this be avoided?
> > > > > > > >
> > > > > > > > Michael
> > > > > > > >
> > > > > > > > 
> > > > > >
> > > > >
> > > >
> > >
> >
>
---------------------------------------------------------------------
> > > > > > > > Please check that your question has
> not
> > > > > already been 
> > > > > > answered in the
> > > > > > > > FAQ before posting.
> > > > > <http://xml.apache.org/cocoon/faqs.html>
> > > > > > > >
> > > > > > > > To unsubscribe, e-mail:
> > > > > <cocoon-users-unsubscribe@xml.apache.org>
> > > > > > > > For additional commands, e-mail: 
> > > > > > <cocoon-users-help@xml.apache.org>
> > > > > > > >
> > > > > > > >
> > > > > > > 
> > > > > > > 
> > > > > >
> > > > >
> > > >
> > >
> >
>
---------------------------------------------------------------------
> > > > > > > Please check that your question has not
> > > already
> > > > > been answered in the
> > > > > > > FAQ before posting.
> > > > > <http://xml.apache.org/cocoon/faqs.html>
> > > > > > > 
> > > > > > > To unsubscribe, e-mail:
> > > > > <cocoon-users-unsubscribe@xml.apache.org>
> > > > > > > For additional commands, e-mail:
> > > > > <cocoon-users-help@xml.apache.org>
> > > > > > 
> > > > > >
> > > > >
> > > >
> > >
> >
>
---------------------------------------------------------------------
> > > > > > Please check that your question has not
> > > already
> > > > > been answered in the
> > > > > > FAQ before posting.
> > > > > <http://xml.apache.org/cocoon/faqs.html>
> > > > > > 
> > > > > > To unsubscribe, e-mail:
> > > > > <cocoon-users-unsubscribe@xml.apache.org>
> > > > > > For additional commands, e-mail:
> > > > > <cocoon-users-help@xml.apache.org>
> 
=== message truncated === 

=====
Thanks and have great day
srini

____________________________________________________________
Do You Yahoo!?
Send a newsletter, share photos & files, conduct polls, organize chat events. Visit http://in.groups.yahoo.com.

---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>

To unsubscribe, e-mail: <cocoon-users-unsubscribe@xml.apache.org>
For additional commands, e-mail: <cocoon-users-help@xml.apache.org>


Mime
View raw message