Logout problem
Yong Ming Wai
Greenhorn
Posts: 12
posted 12 years ago
<%
// I invalidate all my session when i logout and comes on Login.jsp page but if i go back still it open
previous pages
How i can stop these
i am adding these line in avery jsp page
1)
response.setHeader("Pragma","no-cache");
response.setHeader("Cache-Control","no-cache");
response.setDateHeader("Expires", 0);
%>
2) and in Logout.jsp
session.invalidate();
response.sendRedirect("Login.jsp");
still on reaching login page i can move to previous page by clicking back button
// I invalidate all my session when i logout and comes on Login.jsp page but if i go back still it open
previous pages
How i can stop these
i am adding these line in avery jsp page
1)
response.setHeader("Pragma","no-cache");
response.setHeader("Cache-Control","no-cache");
response.setDateHeader("Expires", 0);
%>
2) and in Logout.jsp
session.invalidate();
response.sendRedirect("Login.jsp");
still on reaching login page i can move to previous page by clicking back button
alloyion
Rohit Bhagwat
Ranch Hand
Posts: 205
posted 12 years ago
Yes , You are right.
The only solution is you have to handle such situations. I mean you have to do little bit of coding to achieve this.
If you are familiar with javascript then use the following code in login.jsp
<script language="javascript">
history.forward(1);
</script>
What this code makes is that once you log out you will be directed to login.jsp page and once this page is displayed then even by clicking the browser back button you will see the same login page again and again. So in this way you can prevent the user going back to previous page once he is logged out.
I hope I am close to what you were expecting !!
Regards
Rohit.
The only solution is you have to handle such situations. I mean you have to do little bit of coding to achieve this.
If you are familiar with javascript then use the following code in login.jsp
<script language="javascript">
history.forward(1);
</script>
What this code makes is that once you log out you will be directed to login.jsp page and once this page is displayed then even by clicking the browser back button you will see the same login page again and again. So in this way you can prevent the user going back to previous page once he is logged out.
I hope I am close to what you were expecting !!
Regards
Rohit.
Adeel Ansari
Ranch Hand
Posts: 2874
Rohit Bhagwat
Ranch Hand
Posts: 205
Adeel Ansari
Ranch Hand
Posts: 2874
Lu Battist
Ranch Hand
Posts: 104
posted 12 years ago
I don't know of any way to disable the back / forward buttons reliably either.
However, if a user logs out and uses the back button to go back into your site and tries to submit(reSubmit) anything from that page, your code should recognize the session is not valid and forward the user to the login page.
However, if a user logs out and uses the back button to go back into your site and tries to submit(reSubmit) anything from that page, your code should recognize the session is not valid and forward the user to the login page.
Rohit Bhagwat
Ranch Hand
Posts: 205
posted 12 years ago
Hey..
Wait a min. When a user clicks the back button then the request is not sent to server instead the cached page from the client is displayed.
I want to prevent the user to go back to see the page if he /she has logged out. But how yahoo has managed it. I logged out of yahoo account and it prevented me to go back to previous page (It displayed the contents for few seconds !!)
So I guess the problem still persists posted by Yong Ming Wai..Right ?
Waiting for replies..
Regards
Rohit.
[ March 19, 2005: Message edited by: Rohit Bhagwat ]
Wait a min. When a user clicks the back button then the request is not sent to server instead the cached page from the client is displayed.
I want to prevent the user to go back to see the page if he /she has logged out. But how yahoo has managed it. I logged out of yahoo account and it prevented me to go back to previous page (It displayed the contents for few seconds !!)
So I guess the problem still persists posted by Yong Ming Wai..Right ?
Waiting for replies..
Regards
Rohit.
[ March 19, 2005: Message edited by: Rohit Bhagwat ]
posted 12 years ago
I agree with you !
Yong never told us if he was still able to access same session if he press back button.
but still there is a feature in yahoo that once user sign out he can not view the cached pages.
[ March 19, 2005: Message edited by: Shailesh Chandra ]
Originally posted by Rohit Bhagwat:
When a user clicks the back button then the request is not sent to server instead the cached page from the client is displayed.
I agree with you !
Yong never told us if he was still able to access same session if he press back button.
but still there is a feature in yahoo that once user sign out he can not view the cached pages.
[ March 19, 2005: Message edited by: Shailesh Chandra ]
Gravitation cannot be held responsible for people falling in love ~ Albert Einstein
