[jbossseam-issues] [JBoss JIRA] Closed: (JBSEAM-4074) Internet Explorer 7.0 session cache not cleaned

Internet Explorer 7.0 session cache not cleaned ----------------------------------------------- Key: JBSEAM-4074 URL: https://jira.jboss.org/jira/browse/JBSEAM-4074 Project: Seam Issue Type: Bug Components: Security Affects Versions: 2.1.1.GA Environment: Windows XP Internet Explorer 7.0 Reporter: Shervin Asgari Our test developer found something quite strange. We have a page, which is restricted with a admin role. This is what he did to find the error: 1. Login as admin 2. Click on some of the admin stuff (creating users, listing users etc) 3. Copy url of the admin page 4. Logout 5. Login as user 6. Paste url of admin page Now in opera and firefox under Linux this didnt work. You got the error page with limited restriction message. However on windows and Internet Explorer 7, when pasting the url, you can view ALL the admin pages through the url. Listing the users, creating users, the home page of the admin etc. So seams like the cache of Internet Explorer is not properly cleaned. Now is this a bug in Seam or is the security in Internet Explorer?