Win a copy of Terraform in Action this week in the Cloud forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Rob Spoor
  • Bear Bibeault
Saloon Keepers:
  • Jesse Silverman
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Al Hobbs
  • salvin francis

Logging out problem in JSP

 
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm using session.invalidate to logout from the session. After that I'm redirecting the user to the login page again. The problem I'm facing is that if the user clicks the back button of the browser, he's able to see the previous page details again. How do I prevent this ? If the user clicks back button after logging out he should get the message 'You are not logged in'.
How do I achieve this ?
PLease help.
Thanks
Seema
 
Ranch Hand
Posts: 45
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don`t know how actually solve your problem,
however this problem should be related with browser`s cache mechanism. There should be some <meta .../> tag to disable both browser`s cache and proxy`s cache. This should be the direction toward solving the problem. Good luck!
 
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
By using if condition u can do this e.g.
if(session.getValue("usr")==null)
<jsp:forward page ="login.html"/>
 
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Checking for the session value on the server side may not help as when u press the browser's back button, the page is displayed from the browser's cache. One way to prevent this is to avoid caching of the page by the browser as well as any proxy servers (if any).
Try this code in all your jsp pages which you don't want to be cached
<%
response.setHeader("Cache-Control","no-cache");
response.setDateHeader("Expires","0");
response.setHeader("Pragma","No-cache");
%>
For more information about tag-libs to prevent caching, go to http://javaboutique.internet.com/resources/books/JSP_SiteDesign/design1_3.html
[ January 27, 2002: Message edited by: Biju Nair ]
 
seema mani
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Biju
That worked just fine.
By the way, just wanted to mention that I'm also from TVPM,Kerala.
Thanks a lot.
Seema
 
Ranch Hand
Posts: 233
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi
plz use this space for technical query rather then personal touch. You can make use of email faculty for the same.
Don't mistake. Let's make friends with all, rather then region specific.
-arun
 
Ranch Hand
Posts: 112
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello friends,
I am working on a huge project which have n number of JSPs and Servlets (going well over hundreds ). In our maintainance work we ahave been told about the similar probelem. i.e when the user logs out he should not be able to view his earlier pages using the browser Back button.
I know pragma \no-cache etc could have worked had it been in each and every JSP \ Servlet.But its not there and it is not feasable to change so many servlets \ JSPs
NOW !!! What can be done.
How do we clear the Browser history on Log out so that earlier pages are not seen.
Thanks in advance,
Milan Doshi
reply
    Bookmark Topic Watch Topic
  • New Topic