cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Salvetti <m...@notremanou.net>
Subject Re: browser's back button and authentication framework
Date Thu, 17 Mar 2005 06:17:19 GMT
Hi Adam,

thanks for your reply,
i'm using actions (auth-login, etc...) but i don't see how your method 
would fix the problem.
the actions also test if the user is already identified, and redirect 
him to the right page if it's the case.
But the problem comes from the fact that no request is sent to the 
server when hitting the back button, so if the server doesn't get the 
request, it can't send the right answer... at least i think so :-)

do you have any specific browser cache configuration on the login page ?

Marc

Adam Ratcliffe a écrit :

>Hi Marc
>
>Are you using flowscript based authentication or actions?
>
>In my application I use the flowscript authentication functions, see the
>flow samples in the
>authentication-fw block. My login function, called when the login form is
>submitted, looks like this:
>
>function login() {
>  var handler = cocoon.parameters["handler"];
>
>  if (auth_isAuthenticated(handler)) {
>    success();
>  } else if (auth_login(handler, null, cocoon.parameters)) {
>    success();
>  } else {
>    failure();
>  }
>}
>
>So if the user is already authenticated they will be redirected to the
>protected resource without being
>re-authenticated.
>
>HTH
>Adam
>
>  
>
>>-----Original Message-----
>>From: Marc Salvetti [mailto:marc@notremanou.net]
>>Sent: Wednesday, 16 March 2005 11:41 p.m.
>>To: users@cocoon.apache.org
>>Subject: browser's back button and authentication framework
>>
>>
>>Hello,
>>
>>i'm meeting a problem with the authentication framework :
>>if a user press the back button after beeing logged in and redirected
>>from the login page, he is able to try to log in again, and gets the
>>error "user already authenticated"
>>I tried to use the pragma no-cache instructions to prevent the browser
>>from caching the login page, but with no success, the form is still
>>displayed on click of the back button.
>>
>>Does someone have a workaround to this problem ?
>>thanks,
>>
>>Marc
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
>>For additional commands, e-mail: users-help@cocoon.apache.org
>>
>>
>>
>>    
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
>For additional commands, e-mail: users-help@cocoon.apache.org
>
>
>
>
>  
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message