Sitemap and security

Topics: Web Client Software Factory
Jun 26, 2007 at 3:44 PM
Edited Jun 26, 2007 at 4:46 PM
I have the security setup on the sitemapnodes but I am finding that if a user were to log out and then hit the previous page button in ie, the form will still display even though the user logged out. How do I go about locking the actual forms/pages? I'm kinda at a loss on this...

Thanks!

ok, I added the page with the proper authorization to the web.config of the specific module. Now I just need it to not pull the webpage from cache and actually retest and reload instead of just blindly displaying the information and then if an action is taken, then do the security check. I need it to perform the security check at either first load or load from cache or ???? Any ideas on how to solve?
Jun 26, 2007 at 5:21 PM

plstovall wrote:
I have the security setup on the sitemapnodes but I am finding that if a user were to log out and then hit the previous page button in ie, the form will still display even though the user logged out. How do I go about locking the actual forms/pages? I'm kinda at a loss on this...

Thanks!

ok, I added the page with the proper authorization to the web.config of the specific module. Now I just need it to not pull the webpage from cache and actually retest and reload instead of just blindly displaying the information and then if an action is taken, then do the security check. I need it to perform the security check at either first load or load from cache or ???? Any ideas on how to solve?


Just as an fyi, I got this figured out. I put the following into the page load of the aspx:

Response.Expires = -1;
Response.ExpiresAbsolute = DateTime.Now.AddHours(-48);
Response.Cache.SetCacheability(HttpCacheability.Private);
Response.CacheControl = "no-cache";
Response.Cache.SetNoStore();