Wrong view with back button browser

Hi. I have a problem in my vaddin project, V24.3.7, with back button browser. When I click on it, a view that I have never gone is displayed. It’s a problem with user that haven’t right to display this view. So I would like to disable this button but after some research on the web It seems difficult to do that. Some body talk about a workaround solution that is to have one route for the app but I don’t see how to do ? How can I solved this problem ? Thank you in advance for your help.

If back button navigates you to a location, it is definitely a location that your browser has seen as it is just a location popped from navigation history stack. This is standard Browser history API behavior. Also regarding access control, are you using Vaadin with Spring Security, and VaadinWebSecurity. If yes, you can annotate the view with @RolesAllowed and limit it. When doing so, there is internal BeforeEnter listener that will check @RolesAllowed and if user role is not right, it will bounce and user will not see the view. If you have a custom solution, you can add BeforeEnterObserver to views with restricted access, and check the user role, and use event.forwardTo to a safe place.

OK thank you. I use VadinWebSecurity so I’m going to parameter that. I will follow your advice with event.forwardTo ;-)