• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

controlling browsers back button

 
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i have developed a website.in that when the user clicks logout button,i am showing a page saying that he has logged out.here if the user clicks browsers back button,instead of going back to previous page i want to redirect the user to login page.
how can i do this.
thanks in advance
 
Ranch Hand
Posts: 100
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i donno how to do that...
but u can disable caching in following manner.. you might be aware of this.. but still i am posting this piece of code to disable cache so that if you click back button the inforamtion of the last page could not be viewed..

also i think that thing what u r asking if can be done then i think most probably with help of JavaScript only and not JSP...
and lastly if that is possible i would also love to knnow..
Thanks
Amit
 
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
When the user clicks the logout button, instead of going straight to the logout page, go to an intermediate page which performs an instantaneous META REFRESH to the real page you want.
If they then click BACK, it will simply flick and display the logout page; which could contain the LOGIN input details.
 
jyothsna kumari
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hai,
thanks for responding.i placed the code which u have given in my logout jsp page.but still the history is available and it is going to the previous page.pls help me
 
Ranch Hand
Posts: 3244
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
mintu
The easiest way to do this would be to use sessions. I assume that if there is a log out that there is also a login page. When the user logs in set a session variable indicating that they have logged in. Then on each page of the application you can check that session variable and if it doesn't exist (they tried t go directly to the page, or the session timed out, or they logged out) then they get redirected to the login page. Then on your log out page all you need to do is invalidate the session.
Hope that helps
 
jyothsna kumari
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hai Dave,
thanks for responding.it really helped me
 
Amit KumarS
Ranch Hand
Posts: 100
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hiii dave..
i think by invalidating the session i don't think it will stop the user from hitting the back button and goign to previous page.. i admit her will not be able to acces that page by refreshing that page or clicking on some link...
but he will definetaly we able to view the information in those pages... so do we have any option like making cache off and also like the original post of disabling the browsers back button..
Thanks in Advace
Amit
 
jyothsna kumari
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hai Dave,
i used sessions variables as u said and invalidated the session variables in logout page.and used response.sendredirect("USDA_Homepage.jsp") if session is invalidte,but it didn't worked.even i used <jsp:forward page="USDA_Homepage.jsp" />.stille this also didn't worked.
pls help me how can i do.
thanks
 
Amit KumarS
Ranch Hand
Posts: 100
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi mintu..
what is excatly that is happening.... 'cause u need to remember few things... like hsp page autmoatically creates a new session each time the page is visited..
to stop this either u need to write
<%@ page session="false" %>
(but in this case you will not get the access to session variable in your page)
or
u will have to check on each page like
<% session = request.getSession(false) %>
<% if (session == null) {
response.SendRedirect("/application/some.jsp");
}
%>
if you have done this then what is excatl;y that is happening.. let me know the excat flow..
Thanks
Amit
 
jyothsna kumari
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hai Amit,
lets say we have login.jsp,temp.jsp and logout.jsp(in that order)
in logout.jsp i used <%session.invalidate();> which invalidates the session variables used.in that page if we click browser's back button it goes to temp.jsp page.in temp.jsp page i am checking whether a particular session variable is valid or not.if not redirecting to login.jsp.
but though i nvalidated the session variables,it is not redirecting to login.jsp.
this is what i used in temp.jsp
<%if (session.getAttribute("PrimaryPhone")==null){%>
<%response.sendRedirect("login.jsp");%>
<%}%>
thanks
 
Amit KumarS
Ranch Hand
Posts: 100
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
No mintu..
u got it wrong... actually when u hit back button of the browser.. the browser picks up the page from the cache and doesnot go to the server.. so it won't have any effect...
but after hitting back button u click on refresh button or click on any link then the request will go to browser and at that time the page will be checked and then redirected.. so, just by clicking on back button won't have any effect..
you need to disable the caching.. so, after disabling the caching.. when user hits the back button then a page will come saying "This page has expired!!" and then if he clicks on refresh then he will be redirected to Login.jsp
Any other queries please revert back..
Thanks
Amit
 
jyothsna kumari
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ya i got it,
but how to clear the cache?
i used the code which u have given.
but no use.if u have done anything of this sort
then pls send me .
btw my name is jyothsna
 
Amit KumarS
Ranch Hand
Posts: 100
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi jyothsna..
u can put the following code between <head></head> tags of ur JSP pages to disable cache..

Let me know if it works or not??
Thanks
Amit
 
jyothsna kumari
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hai Amit,
i have placed the code as u told in login.jsp page.but when the user from logout.jsp clicks to go to login.jsp i am redirecting.but here from login.jsp if the user clicks browser's back button it is going back to logout.jsp page which i don't want.
from this it's implies that memory is not cleared though the code is placed.
i don't want the user to go to logout.jsp from login.jsp if the user clicks back button.
thanks
 
Amit KumarS
Ranch Hand
Posts: 100
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi jyothsna
lets clear a few things first...
suppose you are in logout.jsp and u click on a link which redirects the user to login.jsp but when user hits back button here in login .jsp then u don't want the user to show logout.jsp.. u want him to show login.jsp instead..

now few things...
it is not possible atleats for me to stop a user from going back... as i donno the code to disable the back button..
but what we can do instead is that
1. we can write this

in the <head></head> tag of logout.jsp..
this will not allow the browser to cache the page and when user clicks back button then he will get a message as
This Page has Expired
2. now to achieve the second part.. i.e. redirecting the user to login.jsp
now suppose we are in logout.jsp and clicked on link ot go to login.jsp and then hit the back button.. this will give the error page.
and now i say refresh .. here we can send the user to login.jsp
for this u will have to write the following code in logout.jsp

this code will force the user to go to login.jsp
i will be surprised to know if this doesn't work as it works for me..
if some error comes then let me know the excat error message and the excat flow.. then i might be avle to help in much better way..
Thanks
Amit
 
author
Posts: 15385
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You really need to look at the server side approach in more detail. You need to cancel the page from the server and not client side, jsp has to have a no-cache thing. I know that .Net does because I use it on every page in my helpdesk system that I am developing. I am not a jsp expert so I can not say exactly what to do.
All I can say is: META TAGS DO NOT WORK!!!
IE skips them, I remember an article from msdn that said to add them after the closing body tag in case the complier skipped them in the head. Wanna talk about browser compliance! My rant for the day!
Depending on client side technology does not work esp. if the person turns javascript off. If you look at this thread: https://coderanch.com/t/113296/HTML-JavaScript/NOT-Cache
I have written stuff on the back button. People disable it with an easy statement, I have the code on my site, but these ways are not solutions, they are problems in the making. The artitecture behind your application needs to find the solution.
Yes I am in a cranky mood today.
Eric
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Understandable Eric, dealing with IE's "we don't have to conform to standards, we ARE the standard" attitude makes me cranky on an ongoing basis!
Thanks for adding the meta tag info to the discussion.
bear
 
Author
Posts: 399
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi jyothsna...
Have you tries Gary's suggestion, that is one of the best, keeping an intermediate page between the logout click & the final logout display page. In this was, if the user clicks the back button, it'll go to the intermediate page, that has nothing to do, where you can chk for the session, or but some javascript that advances by one page if you click from logout page, or you can check for session, & if it is null, the request can be redirected to the login page.
hth
MB
 
Eric Pascarello
author
Posts: 15385
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
'but if the person has javascript disabled: 30% of users in the last survey I saw, they will not be effected by this.....
If this was in intranet page, i would not worry about javascript being off.
Eric
 
Ranch Hand
Posts: 1873
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,
I know this issue and the problem here is browser puts the content page that we see after login in history. So, Back button will go to that page even after we say logout and cache disability directives don't work many times as observed.
My solution is,
"if we remove the content page url from the browser's history then it work". By this I mean, if we have three page,
login.jsp
page1.jsp
and logout.jsp
On page1.jsp if we have a logout button which leads us to logout page that invlidates the session then we want to remove "page1.jsp" from the browser's histroy.
Now, here is my code that I tested on my local machine's Tomcat and it works.

so, Mintu, you will have to put this kind of hyperlink for logout on your "temp.jsp" that you refer in some of the post as content page...

NOTE:
Here, I have spelt onKlick to avoid the posting error I was getting. Please correct it in your code.
Hope this is helpful.
Regards
Maulin
 
Maulin Vasavada
Ranch Hand
Posts: 1873
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
sorry guys,
please put following in case of "logout()" call I make in my code,

this HTML error message harased me and I messed up
Regards
Maulin
 
jyothsna kumari
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hai all,
my sincere thanks to all who have responded.i got the solution which had included help from many of u.as somebody said, meta tags do not work.so i tried for other option.
actually from page1.jsp i am using another intermediate page where i am using "window.location.href = "Logout.jsp";".By this in the logout page if user clicks back button it doesn't go to previous page and stays there.
and in logout page i am killing the session variables.This has served my purpose.
jyothsna
 
reply
    Bookmark Topic Watch Topic
  • New Topic