[
https://issues.apache.org/jira/browse/OFBIZ-9302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15954880#comment-15954880 ]
Jacques Le Roux commented on OFBIZ-9302:
----------------------------------------
What I mean is it's only a local issue as long as someone has not been able to take the control of your machine (it's only in your local machine cache); wich anyway would be a much greater problem than this. But it's still weird for FF and IE :/ I'll try to investigate there...
I'll also check if older versions have this problem or not...
> logout security
> ---------------
>
> Key: OFBIZ-9302
> URL:
https://issues.apache.org/jira/browse/OFBIZ-9302> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS
> Affects Versions: Release Branch 16.11
> Reporter: Moatasim Al Masri
> Attachments: logout2.wmv, logout.wmv
>
>
> am trying to check OFBIZ security authentication, and I found when we logedout the session still open in browser, that if we press back from browser we can reopen the session and continue see our application without any authentication.
> please see the video attached : logout.wmv
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
Locked
