Hello
We are using Vaadin Touchkit with Application Cache enabled. The Servlet is secured by a security constraint in the web.xml.
<security-constraint>
<display-name>SecureApplicationConstraint</display-name>
<web-resource-collection>
<web-resource-name>Site</web-resource-name>
<url-pattern>/contextpath/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>USER</role-name>
</auth-constraint>
</security-constraint>
After logging out of the application and making a reload a post request is made to
http://localhost:8000/app/contextpath?v-browserDetails=1&theme=mobile&v-sh=900&v-sw=1440&v-cw=1250&v-ch=287&v-curdate=1377014245182&v-tzo=-120&v-dstd=60&v-rtzo=-60&v-dston=true&v-vw=1250&v-vh=0&v-loc=http%3A%2F%2Flocalhost%3A7001%2Fapp%2Fconextpath&v-wn=app-747293330-0.8851576300803572&v-1377014245183
This happens in line 139 of vaadinBootstrap.js.
But
/contextpath
is secured and so the login page gets delivered, thus the applications gets not loaded and the user will not see the login page either. He has to change the url in the browser, which is not the desired behaviour.
Do you know any solution to this problem? What is the recommended way to handle such situations? Of course, this does not happen, if the application cache is disabled.
/Kind regards
Christian