how to make logout page?

I'm making a JSP application and I want that when user clicks on the log out button then he must be presented
with a login page
so this I'm able to do
by invalidating the session object
and redirecting to login page...
but now in addition to it I want that when the user clicks the back button of the browser button, he must not
be able to go back but instead he must be given the login page only
thanx in advance for the reply

IT Revolution
Welcome to the Java Ranch, we hope you�ll enjoy visiting as a regular however,
your name is not in keeping with our naming policy here at the ranch. Please change your display name to an appropriate name as shown in the policy.
Thanks again and we hope to see you around the ranch!!

As for your problem: set a variable in the session. Then just check on each of your pages to see if they are logged in or not. If not then redirect to the login page.

you can do that using javascript, for the page from which u can logout, u can use something like
this
<script language="JavaScript">
javascript:window.history.forward(1);
</script>
this will always fwd the user to the next page
HTH
Sahil

Hi
thanx for the reply..but please can you tell me how to check the user action so that we can redirect him to the Login page..like how can we check the user action that he is clicking the back button of the browser?
thanx for the reply...

Bip Bob
Please do not cross post your questions to multiple forums. Most of the visitors here read in many of the forums and it is frustrating to see the same question repeated over and over. You have a better chance of getting a correct and timely answer if you post it to the most appropriate forum instead of using the shotgun approach and hoping you'll hit something.
[ July 11, 2002: Message edited by: Dave Vick ]

As told by u I tried the following code:-
<html>
<head>
<script language="JavaScript">
javascript:window.history.forward(1);
</script>
</head>
<body>
<%
session.invalidate();
response.sendRedirect("Login.jsp");
//or use <jsp:forward page="Login.jsp">
//or use <jsp:include page="Login.jsp">
%>
</body>
</html>

but still it goes back....which is the appropriate method to implement this?

There is a (partial) answer to your question in the original post you made in JSP...

Piyush links you to an article describing how to turn off page caching. It's a known 'difficulty' to get all browsers to behave properly, and IE seems to be the bad-guy in most cases, but this is your best option.

Let's imagine a sequence of pages: page1, page2, page3, page4. As a real-world example, lets say that pages 1-3 are a wizard (a bunch of forms) and page4 logs you out of the application. There is just *no* way to determine if a user's request for page3 was because they clicked on the link or submit button on page2, or if they used the browser's back button from page4.

The difficulty is this: the browser either caches the page, and so a 'back button' doesn't actually hit the server-side again, or the browser will re-submit the original request, and so a back-button from page4 to page3 looks to the server like a request from page2 to page3.

Solution:
implement the no-cache strategy to force each request to hit the server side, thus ensuring you can make 'state' checks.

The second half of this is: On *every* single request, check to see if they are logged in (if their session is valid). If page4 invalidates their session (it logs them out) and they make a request for any other page, including by means of using the back button, then the fact they are logged out can be caught, and they will re-direct to a login page.
[ July 11, 2002: Message edited by: Mike Curwen ]

thanx Mike for the response
I hope that this will solve my problem...