I just noticed that when I log in with a certain role and access a secured part of my app, that once I logout and directly login with a user that is not allowed to view this part, that it opens up the secured page of the authorized user. This is only happening when I logout and change credentials and directly login again. Is this happening for everyone so I should report a bug or am I just stoopid? -.-
kind regards chris
edit says: I just realized that once I login with the inferior credentials i can write the admin area in the browser directly and access it. this is btw just happening for users that can login anonymous user is blocked
i think it is partially from a vaadin team app. Could this be because of caching? I just tested again and if I login as admin and as a regular user right after it redirects me not correctly. Well I am just wondering if this is happening just for me or because of caching or something but I actually logout with the admin so I do not see how this be caching related.
regads chris
edit says code formatting somewhat not working sorry about that and it is only if I am on the admin area part of the app and logout
i think it is partially from a vaadin team app. Could this be because of caching? I just tested again and if I login as admin and as a regular user right after it redirects me not correctly. Well I am just wondering if this is happening just for me or because of caching or something but I actually logout with the admin so I do not see how this be caching related.
regads chris
edit says code formatting somewhat not working sorry about that and it is only if I am on the admin area part of the app and logout
edit says second time
I call this method in my loginview @Override public void beforeEnter(BeforeEnterEvent event) { if (SecurityUtils.isUserLoggedIn()) { event.forwardTo(ShowcaseConstants.ROUTERPATH_FRONT); } }
and yet it redirects me to the admin area when I login as a regular user after I logout with an admin
sry if i am too stupid but I do not see any problem in my code.