hi, i am performing a logout operation...when i clicked the logout link, the web site correctly direct me to the homepage...however when i press the back button it send me to the page where only a signedin user can access.. i used session.invalidate() to remove the session eventhough its not working... i even try to disable the session in the homepage but in vain.. thnx in advance
Unless your code logic is really bad, that page is just displayed from the browser cache. If you want to prevent this, you'll have to add cache control headers to the HttpServletResponse so that the webbrowser is forced not to cache the page.
Don't forget to clear the browser's cache before testing it again.
Joined: Dec 26, 2008
hi again, i've been able to solve my problem...i included thes lines and it works response.setHeader("Cache-control","no-store"); response.setHeader("Pragma","no-cache"); response.setDateHeader("Expires", -1);