• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

how to kill a session

 
ali sookun
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi, i am performing a logout operation...when i clicked the logout link, the web site correctly direct me to the homepage...however when i press the back button it send me to the page where only a signedin user can access..
i used session.invalidate() to remove the session eventhough its not working...
i even try to disable the session in the homepage but in vain..
thnx in advance
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Unless your code logic is really bad, that page is just displayed from the browser cache. If you want to prevent this, you'll have to add cache control headers to the HttpServletResponse so that the webbrowser is forced not to cache the page.

Don't forget to clear the browser's cache before testing it again.
 
ali sookun
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi again, i've been able to solve my problem...i included thes lines and it works
response.setHeader("Cache-control","no-store");
response.setHeader("Pragma","no-cache");
response.setDateHeader("Expires", -1);
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You're welcome.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic