Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

User can still view pervious page after logout in grails

Tags:

grails

In my grails project, i am using spring security core plugin. I have provided logout link as

<g:link controller="logout">Logout</g:link> in my gsp pages. 

Code in LogoutController as :

class LogoutController {

/**
 * Index action. Redirects to the Spring security logout uri.
 */
def index = {
    // TODO put any pre-logout code here
        session.invalidate()
        redirect uri: SpringSecurityUtils.securityConfig.logout.filterProcessesUrl // '/j_spring_security_logout'
 }
}

When user clicks it, it redirects user to login page. But if user clicks browser's back button, user is able to see previous working page. I don't want to redirect him to previous page & he should stay on login page. What can i do for it?

Additional info : I have created one tag library which check login user's username. If its anonymous, it redirects to login page or send it to home page. But working of it,user must click on something. Because currently after logout,user can see previous page by clicking on back button. I don't want to redirect him on previous page. He should stay on login page.

like image 246
Aasif Solkar Avatar asked Feb 19 '23 11:02

Aasif Solkar


1 Answers

Simple ,just put this code in all your Pages:

<%
response.setHeader("Cache-Control","no-cache");  

response.setHeader("Cache-Control","no-store");     

response.setDateHeader("Expires", 0); 

response.setHeader("Pragma","no-cache");

%>
like image 200
Fred Ondieki Avatar answered Mar 06 '23 21:03

Fred Ondieki