The problem is that after the user is logged in, he can return to the protected pages using the "back" arrow. At the same time, he cannot edit them; he drops it on the login page. I thought that the problem in caching - I tried to turn it off, did not help. Also added crutches in the spirit of redirects, in case the user is not logged in, both on jsp pages and in left servlets. What could be the problem?
1 answer
public class NoCacheFilter implements Filter { @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletResponse response = (HttpServletResponse) res; response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1. response.setHeader("Pragma", "no-cache"); // HTTP 1.0. response.setDateHeader("Expires", 0); // Proxies. chain.doFilter(req, res); } 
Kirill Kirill
eleven 2
|