I have an application developed in struts1.2. When i click on logout, it get me on login page and make session invalidated.
When i hit browsers back button it shows a message "This page has been expired" on IE. When i refresh that page it get me logged in.
I have used "no-cache" mechanism on each jsp page.
Hi there, this problem is discussed here more than couple of times. here & here are the resolved ones. Try out and see if it could help you.
To me personally, trying something at the browser level(possibility that client tweaks the browser) is not the elegant way of solving the issue. May you have a session listener/tracker to redirect the invalid user.
Have Fun with Java
little,little.. little by little makes a lot..