jsf中的会话注销问题 [英] session Logout problem in jsf

问题描述

我正在开发一个Web应用程序，并使用jsf，hibernate和spring框架.

I am working on a web application and using framework jsf,hibernate and spring.

应用程序中有不同类型的用户.根据用户输入的类型，我在菜单中启用了针对不同用户类型的链接.

There are different kind of users in application.On the basis of user looged in type there i am enabling the link in menu for different user type.

注销链接就会提供给用户. 我已经写了我的logout.jsp页面.

Logout link in menu bar is provided to user once user is logged in. i have written my logout.jsp page.

&％; session.invalidate(); response.sendRedirect(response.encodeRedirectURL("../login/login.jsf")); ％>

<% session.invalidate(); response.sendRedirect(response.encodeRedirectURL("../login/login.jsf")); %>

即使注销后用户仍可以查看应显示给特定类型用户的页面.

even though after logout user is able to view the pages which should be displayed to specific type of users.

请帮助.

推荐答案

该页面显然是从浏览器缓存中请求的.

The page is apparently been requested from the browser cache.

通过添加一个javax.servlet.Filter使其禁用，该javax.servlet.Filter映射到覆盖诸如*.jsf之类的动态页面的url-pattern上，并在doFilter()方法中执行以下操作.

Disable it by adding a javax.servlet.Filter which is mapped on an url-pattern covering the dynamic pages like *.jsf and does the following in doFilter() method.

HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
httpResponse.setHeader("Pragma", "no-cache"); // HTTP 1.0.
httpResponse.setDateHeader("Expires", 0); // Proxies.
chain.doFilter(request, response);

这篇关于jsf中的会话注销问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！