[Catalyst] HOWTO: extend the Authentication tutorial example
and redirect to original URI
Bill Moseley
moseley at hank.org
Thu Mar 29 18:18:29 GMT 2007
On Thu, Mar 29, 2007 at 11:44:35AM -0500, Jay K wrote:
> Another thing to keep in mind here is that if you are not very
> particular with your cache-control headers - Many browsers will cache
> your page. So if you are accessing /articles/1723, and it detaches
> to the login procedure, when the user hits /articles/1723 again - it
> will often bring up the login page out of cache. You can avoid this
> if you are sure to set your cache control headers properly within
> your login action, but for this type of thing, I always try to use
> redirect, because it saves me trying to figure out what the hell is
> going wrong later.
I don't redirect as I like showing the URL of the page that requires
login. But, I'm also careful with cache control headers.
This always makes me wish for a 4xx code that could be returned to the
client but not force the browser to ask for authentication. After
all, the user is not currently authorized to view the page. And the
idea being that the browser would not cache the 4xx response.
--
Bill Moseley
moseley at hank.org
More information about the Catalyst
mailing list