I'm using JSP, Java, JSTL, and Servlets to implement a basic store manager Web app.
I'm attempting to implement the PRG (POST-Redirect-GET) pattern on top of the MVC (Model-View-Controller) pattern.
I'm not sure if PRG is going to work for what I want.
I want a user to be able to log in, visit several logged-in-only pages, logout, and then when he refreshes, goes back (or forward), he is only taken to the login page.
The problem arises when a logged-in user goes to a logged-in-only page. response.sendRedirect(urlInStringForm)
kills all of the request parameters. Sure, you can store stuff in HTTP session, but if you have one PageController servlet, then that servlet will surely be looking for said session data... and the user ends up on the same page if he clicks back or forward (assuming forward goes to some other resource which is redirected to the PageController). I'd like to keep the 1-PageController approach if possible.
Seems like a lose-lose situation. Any workarounds?