Can anyone please tell me how to stop the user from visiting the previous pages after the user has logged out? I am using JSF and I have applied filters to prevent access to secure pages but after logging out I can see the previous visited pages.
I know this is the problem with browser cache but there must be some way as Google and every other website does prevent going back.
What the user is viewing is from the cache you can prevent caching by adding
<meta HTTP-EQUIV="Pragma" content="no-cache"> and
<meta HTTP-EQUIV="Expires" content="-1">
this will cause the browser to issue new request to your server and since you have filter to protect your pages it should forward the user to the login form