• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 948
  • Last Modified:

The problem is with the j_security_check used in jsp pages in the login screen.

i am working on jsp along with tomcat server.In the login screen i am using response.encodeURL("j_security_check") to redirect from login screen after submission of the page.I am able to successfully login.But once wen i press the back button of the browser and move to login screen and again try to login i 've an error message saying "HTTP STATUS 404 ERROR THE REQUESTED RESOURCE(/j_security_check) IS NOT AVAILABLE".To login again,I've to close the browser fully and open a new one .
 Can anyone help this out?
0
sure_krishna
Asked:
sure_krishna
1 Solution
 
girionisCommented:
 Yuo will have to invalidate the session since the session is already active when you use the back button of your browser... I am not sure if the following will help if you put it on the top of your login page.

<%
HttpSession session = request.getSession(false);
session.invalidate();
%>

  You could also try to expire any cache you might have:

<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
%>

  Hope it helps.

0
 
CleanupPingCommented:
sure_krishna:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
jimmackCommented:
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

Accept girionis' comment as answer.

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

jimmack
EE Cleanup Volunteer
0
 
girionisCommented:
 Thank you :)
0
 
TomBruserCommented:
Simple solution:

At the start of your login and login-error pages, include the following:

    if (request.getAttribute("javax.servlet.forward.request_uri") == null) {
        response.sendRedirect("/index.jsp");
    }

where /index.jsp is equivalant to some acceptable page to forward users to if they have inadvertantly hit the back button to reach the login page.

To create a logout function, make a logout.jsp that contains the following:

        session.invalidate();
        response.sendRedirect("/index.jsp");

0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now