LoginManager problem (get access without login)?
Hiya! I have a problem with LoginManager: When I try to access a protected folder I get the login site (that's ok), but when I press "back" and "forward" I get the protected content (e.g. index_html) ??? very strange behavior ... solution anyone? I thought that it has something to do with caching and added <dtml-call "RESPONSE.setHeader('Cache-Control', 'no-store, private, s-maxage=0, must-revalidate')"> to standard_html_header, but that has no effect ... I use Zope Version Zope 2.3.2 (binary release, python 1.5.2, win32-x86) Python Version 1.5.2 (#0, Jul 30 1999, 09:52:18) [MSC 32 bit (Intel)] System Platform win32 and Internet Explorer 5.00.2314.1003 ... tia Wolfgang ----------------------------------- wazum-mail ;-) (wolfgang@wazum.com) url ( http://www.wazum.com/ )
wolfgang> When I try to access a protected folder wolfgang> I get the login site (that's ok), but wolfgang> when I press "back" and "forward" wolfgang> I get the protected content (e.g. index_html) I've seen this behaviour with Internet Explorer (talking to an Apache server). We were completely baffled until we discovered that it was a bug in IE. Apparently it had cached the page from an earlier (Authenticated) visit, and the "back-forward" confused IE enough that it was willing to give up the cached version even though this visit wasn't authenticated. Try clearing your IE cache and see if you can make it happen; I bet you can't... I believe it's completely unrelated to LoginManager or even to Zope. Jim Rowan DCSI jmr@computing.com
participants (2)
-
jmr@computing.com -
wazum-mail (wolfgang)