Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Logout problems

 
shashikant nagavarapu
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am facing a strange problem related to history. I am working on a web-application which requires authentication.Logging off
using the following code:

<%
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
if (session != null)
{
session.removeAttribute("sessionID");
session.removeAttribute("userID");
session.invalidate();
}
%>
<jsp:forward page="login.jsp" />

After this I see the login page.

The problem is if the user clicks back buton he sees the previous page
containing all information which I want to restrict. I am checking for
sessionID and userID in the header.jsp page common for all pages in
the application. But still the pages are being displayed based on history.

header.jsp code:

<%
if (((String)session.getAttribute("sessionID")) == null)
{
%>
<jsp:forward page="/login.jsp" />
<%
}
else if (((String)session.getAttribute("userID")) == null)
{
%>
<jsp:forward page="/login.jsp" />
<%
}
else
{
%>

show the page content



Any help would be appreciated.
Thanks
 
moh sak
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, try clearing the cach using this code, and please let me know if it does work or not
 
shashikant nagavarapu
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thankx for answer but it did not work. On clicking back the pages are still accessible with the content
 
Alec Lee
Ranch Hand
Posts: 569
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you sending out the above 3 response headers in all the restricted content pages as well? I normally do this with a NoCacheFIlter.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic