hi, i am performing a logout operation...when i clicked the logout link, the web site correctly direct me to the homepage...however when i press the back button it send me to the page where only a signedin user can access.. i used session.invalidate() to remove the session eventhough its not working... i even try to disable the session in the homepage but in vain.. thnx in advance
Joined: Oct 08, 2006
Unless your code logic is really bad, that page is just displayed from the browser cache. If you want to prevent this, you'll have to add cache control headers to the HttpServletResponse so that the webbrowser is forced not to cache the page.
Don't forget to clear the browser's cache before testing it again.
hi again, i've been able to solve my problem...i included thes lines and it works response.setHeader("Cache-control","no-store"); response.setHeader("Pragma","no-cache"); response.setDateHeader("Expires", -1);