Skip to Content

Changes for page Development-Backtracking

Last modified by Pascal Robert on 2010/09/13 00:29
From version 5.1
edited by smmccraw
on 2007/07/08 09:45
Change comment: There is no comment for this version
To version 3.1
edited by Quinton Dolan
on 2007/07/12 20:26
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.smmccraw
1 +XWiki.qdolan
Content
... ... @@ -12,30 +12,28 @@
12 12  
13 13  To keep users from accessing someone else's session when they use the back buttion, you should call the session().terminate() in your logout action. In order for this to work, you have to issue a redirect, after calling terminate(), to page with no session, because if you return another page using pageWithName(), that page will reference the session you just terminated, and it won't work. My logout action looks something like this:
14 14  
15 -{{panel}}
15 +{{code}}
16 16  
17 - public WOComponent logout() {
18 - WORedirect redirect = (WORedirect)pageWithName("WORedirect";);
19 - redirect.setUrl("/cgi-bin/WebObjects/MyApp";); // entry point
20 - session().terminate();
21 - return redirect;
22 - }
17 +public WOComponent logout() {
18 + WORedirect redirect = (WORedirect)pageWithName("WORedirect";);
19 + redirect.setUrl("/cgi-bin/WebObjects/MyApp";); // entry point
20 + session().terminate();
21 + return redirect;
22 +}
23 23  
24 -{{/panel}}
24 +{{/code}}
25 25  
26 26  This will prevent the session from working if someone uses the back button, but it doesn't prevent them from seeing the content on the pages. If sensitive content is the issue, the best thing to do is to close the window when the user logs out. This would assume that when they loged in, you opened a window for the sensitive part of the app to run in. That way, when you use javascript to close it, you won't trigger a warning message that the user can intercept. With a window that you opened, you can do the redirect like above, to an html page that looks like:
27 27  
28 -{{code}}
28 +{{code value="xml"}}
29 29  
30 -{panel}
31 - <HTML>
32 - <HEAD>
33 - <TITLE>Closing Window...</TITLE>
34 - </HEAD>
35 - <BODY onLoad="window.close()">
36 - </BODY>
37 - </HTML>
38 -{panel}
30 +<HTML>
31 +<HEAD>
32 + <TITLE>Closing Window...</TITLE>
33 +</HEAD>
34 +<BODY onLoad="window.close()">
35 +</BODY>
36 +</HTML>
39 39  
40 40  {{/code}}
41 41