aspose file tools*
The moose likes JSP and the fly likes Logout problems Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Logout problems" Watch "Logout problems" New topic
Author

Logout problems

shashikant nagavarapu
Greenhorn

Joined: Jul 08, 2005
Posts: 26
I am facing a strange problem related to history. I am working on a web-application which requires authentication.Logging off
using the following code:

<%
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
if (session != null)
{
session.removeAttribute("sessionID");
session.removeAttribute("userID");
session.invalidate();
}
%>
<jsp:forward page="login.jsp" />

After this I see the login page.

The problem is if the user clicks back buton he sees the previous page
containing all information which I want to restrict. I am checking for
sessionID and userID in the header.jsp page common for all pages in
the application. But still the pages are being displayed based on history.

header.jsp code:

<%
if (((String)session.getAttribute("sessionID")) == null)
{
%>
<jsp:forward page="/login.jsp" />
<%
}
else if (((String)session.getAttribute("userID")) == null)
{
%>
<jsp:forward page="/login.jsp" />
<%
}
else
{
%>

show the page content



Any help would be appreciated.
Thanks
moh sak
Ranch Hand

Joined: May 11, 2005
Posts: 78
Hi, try clearing the cach using this code, and please let me know if it does work or not
shashikant nagavarapu
Greenhorn

Joined: Jul 08, 2005
Posts: 26
Thankx for answer but it did not work. On clicking back the pages are still accessible with the content
Alec Lee
Ranch Hand

Joined: Jan 28, 2004
Posts: 569
Are you sending out the above 3 response headers in all the restricted content pages as well? I normally do this with a NoCacheFIlter.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Logout problems