JSF2 - logout and page expired browser information
I'm quite new in Java EE and JSF. I'm trying to create login system, but I
have a problem with back button when user is logged out. To deal with that
I created a filter as suggested in in several other topics which I found
on stackoverflow, it looks like this:
public void doFilter(ServletRequest req, ServletResponse res, FilterChain
chain) throws IOException, ServletException {
HttpServletResponse hsr = (HttpServletResponse) res;
hsr.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
hsr.setHeader("Pragma", "no-cache");
hsr.setDateHeader("Expires", 0);
chain.doFilter(req, res);
}
Now the pages aren't cached. On each page is called authenticate function
which looks like this:
public void authenticate(ComponentSystemEvent event) {
if(!userName.equals("Admin")) {
FacesContext context = FacesContext.getCurrentInstance();
ConfigurableNavigationHandler navHandler =
(ConfigurableNavigationHandler)
context.getApplication().getNavigationHandler();
navHandler.performNavigation("/root/start");
}
}
So when admin isn't logged in application redirect me to login page (for
now it is enough when it works only with one user called admin).
The problem is when admin logged out and use back button there is a
browser specific web page with information about expired web page, for
this moment there are 2 cases:
1) User is logged in, when he hit refresh then page appears normally.
2) User is logged out, when he hit refresh or use back button again there
will be thrown javax.faces.application.ViewExpiredException and then user
will be redirected to login page (/root/start - I configured it in my
web.xml).
All what I want to do is to skip browser information about expired webpage
- logged out user have to be redirected to login page immediately after
use of back button, and logged in user can use back button normally
without be warned about expired page. Any solution that begginier can
implement (if any exist)?
No comments:
Post a Comment