Menu
I am using spring security and i was wondering how to solve this back button or problem of the browsers.
The thing is that after i login , when i click the back button . I am coming to the login page again. It would be very good if even on clicking the back button you stay in the logged in home page only.
Same must be if i am logged out it should not be like when i click the back button i am again in the logged in home page. I am not sure what to do to solve this. I know browser caches the pages but When i use standard website like facebook or yahoo , looks like there is already some solution for it. Any direction or info will be very helpful.?
662
Part of you problem comes from browser cache. You can disable it in multiple ways:
<mvc:annotation-driven/>
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**/*"/>
<bean id="webContentInterceptor" class="org.springframework.web.servlet.mvc.WebContentInterceptor">
<property name="cacheSeconds" value="0"/>
<property name="useExpiresHeader" value="true"/>
<property name="useCacheControlHeader" value="true"/>
<property name="useCacheControlNoStore" value="true"/>
</bean>
</mvc:interceptor>
</mvc:interceptors>
response.setHeader("Pragma", "no-cache");
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expires", 0);
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="Sat, 01 Dec 2001 00:00:00 GMT">
Did you try the built-in cache control of Spring Security:
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
// ...
.headers()
.defaultsDisabled()
.cacheControl();
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
