Skip to Main Content

Broken Authentication and Session Management

Balu KJun 26 2014 — edited Jul 2 2014

Hi all,

I am using oracle apex 4.0 and database oracle 11g.

After login into application browse some internal authenticated pages and logout from the application. Now click on

back button of browser, we can get view authenticated pages.

I have followd the steps to build the application.:

Online application consists of 10 applications. Every application has one module.I have cretaed logout link in one application and created three templates like top(2),middle(3), bottom(4). All thease templates are calling in otherĀ  page (1).i have created logout link in top template

Allabove mentioned templates are created in in 120 application , remaining 9 applications calling in 120 apllication using list tabs.

On logoutĀ  i have written in top template( in page no 2) body

<a href="wwv_flow_custom_auth_std.logout?p_this_flow=120&p_next_flow_page_sess=120:1" target="_parent"><span>Logout</span></a>.

Please suggest me , How to kill sessions of all applications when click logout link.



Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked due to inactivity on Jul 30 2014
Added on Jun 26 2014