This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Servlets and the fly likes logout by disabling back button Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Reply locked New topic

logout by disabling back button

sandy indira

Joined: Feb 03, 2010
Posts: 13
hello friends...
i am a new user...

i am creating a web appliction in which i want
if the user is been logout once then he should not be able to access the home page by simply pressing the back button...
i tried different things but it didn't work...

please help...


home page



so pleases help me friends... logout by diabling the back button
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 60748

Please be sure to use code tags when posting code to the forums. Unformatted code is extremely hard to read and many people that might be able to help you will just move along to posts that are easier to read. Please read this for more information.

You can go back and change your post to add code tags by clicking the button on your post.

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Charles 'King
Ranch Hand

Joined: Jul 05, 2009
Posts: 56

2 things:

1. Please store your attribute in a session, not the request: NOT this request.setAttribute("uname",name);

2. Disable the browser's cache otherwise the user can preview the previous cached page. The homepage should have a check for whether the username stored in the session is null. As an aside, preview authentication standards from other sources, google it
Seetharaman Venkatasamy
Ranch Hand

Joined: Jan 28, 2008
Posts: 5575

Welcome to Javaranch Sandeep.

also Have a look at this
sandy indira

Joined: Feb 03, 2010
Posts: 13
guys still i am in the same problem...can anyone give me any suggestions to handle it on server side...

after logout the user is sent back to the login page and there if he press the back button the request should go to the controller and
check whether is he properly logged in if yes allow him other wise display the login page...

help guys give me some nice code for this...
Venu Chakravorty
Ranch Hand

Joined: Aug 19, 2009
Posts: 46
Hi, Sandy
Create a Cookie object and send it (response.addCookie(Cookie)) when the user logs in. Before a secure page loads, check whether this cookie exists.
Upon logout delete this cookie (using 'setMaxAge(0)' and then send it).
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 60748

There only needs to be one topic on this subject. Closing this one.
I agree. Here's the link:
subject: logout by disabling back button
Similar Threads
Problem with JSPs in web application
How to handle back button caching
problem using html:link
Logout functionality not working properly
SessionServlet and Login.jsp