In my application I have a logout link on pages. This link control goes to 'Logout' action where I clean up the session variables and then invalidate the session with:
if I keep going back with the back key of my browser till the login page url, IE shows me the expired message. but if I referesh the page, it logs me in. Formbean values are still populated. Even though the scope of the form was 'request' in struts-config.xml
kindly guide, why it's happening and how to invalidate/nullify the form-bean values.
You take username and password and then store it in some session values. then use a new request (using redirect) to go to next page as login validation action class.
and while logout you use invalidate function... it will work...