How authorization works in the following case?
When a user having userid as abc with administrator rights accessess a web page, we copy the url of that page and logout. Now another user having userid xyz with lower authorization than administrator accesses the page. We paste the url. If the user xyz is not authorized then the user shouldn’t get the page without loging in.
Is it possible just having authorization or do we need to use some javascript code to delete cookie and history information?