Spring Security Logout Back Button

Question

Does spring security have a way to prevent the last point below? I\'m using 3.0.5

-user logs into my website -user goes to any page in website and clicks log out -l

Answer 1

If you, like me, didn't get it working after using c12's caching filter, and you are using make sure you don't need the auto-config="true" part anymore. It (looks like it) adds http basic authentication which does not handle logging out by protocol! This results in that you can GET your logout URL but hitting the back button will just bring you back since you're not really logged out.