File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSP and the fly likes Logout problems Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of Arduino in Action this week in the General Computing forum!

A special promo: Enter your blog post or vote on a blogger to be featured in an upcoming Journal
JavaRanch » Java Forums » Java » JSP
Reply Bookmark "Logout problems" Watch "Logout problems" New topic
Author

Logout problems

shashikant nagavarapu
Greenhorn

Joined: Jul 08, 2005
Posts: 26
posted private message
0
Quote
I am facing a strange problem related to history. I am working on a web-application which requires authentication.Logging off
using the following code:

<%
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
if (session != null)
{
session.removeAttribute("sessionID");
session.removeAttribute("userID");
session.invalidate();
}
%>
<jsp:forward page="login.jsp" />

After this I see the login page.

The problem is if the user clicks back buton he sees the previous page
containing all information which I want to restrict. I am checking for
sessionID and userID in the header.jsp page common for all pages in
the application. But still the pages are being displayed based on history.

header.jsp code:

<%
if (((String)session.getAttribute("sessionID")) == null)
{
%>
<jsp:forward page="/login.jsp" />
<%
}
else if (((String)session.getAttribute("userID")) == null)
{
%>
<jsp:forward page="/login.jsp" />
<%
}
else
{
%>

show the page content



Any help would be appreciated.
Thanks
moh sak
Ranch Hand

Joined: May 11, 2005
Posts: 78
posted private message
0
Quote
Hi, try clearing the cach using this code, and please let me know if it does work or not
shashikant nagavarapu
Greenhorn

Joined: Jul 08, 2005
Posts: 26
posted private message
0
Quote
Thankx for answer but it did not work. On clicking back the pages are still accessible with the content
Alec Lee
Ranch Hand

Joined: Jan 28, 2004
Posts: 569
posted
0
Quote
Are you sending out the above 3 response headers in all the restricted content pages as well? I normally do this with a NoCacheFIlter.
 
I agree. Here's the link: http://zeroturnaround.com/jrebel - it saves me about five hours per week
 
subject: Logout problems
 
Similar Threads
Session variables in Netscape 4.76?
Logout, Browser back button problem
What to the holy cache is that???
Disabling forward and back button in IE
Session is not working