Win a copy of Terraform in Action this week in the Cloud forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Rob Spoor
  • Bear Bibeault
Saloon Keepers:
  • Jesse Silverman
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Al Hobbs
  • salvin francis

Logout problem

 
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
<%
// I invalidate all my session when i logout and comes on Login.jsp page but if i go back still it open
previous pages
How i can stop these
i am adding these line in avery jsp page
1)
response.setHeader("Pragma","no-cache");
response.setHeader("Cache-Control","no-cache");
response.setDateHeader("Expires", 0);
%>

2) and in Logout.jsp
session.invalidate();
response.sendRedirect("Login.jsp");

still on reaching login page i can move to previous page by clicking back button
 
Ranch Hand
Posts: 205
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yes , You are right.

The only solution is you have to handle such situations. I mean you have to do little bit of coding to achieve this.

If you are familiar with javascript then use the following code in login.jsp

<script language="javascript">
history.forward(1);
</script>

What this code makes is that once you log out you will be directed to login.jsp page and once this page is displayed then even by clicking the browser back button you will see the same login page again and again. So in this way you can prevent the user going back to previous page once he is logged out.

I hope I am close to what you were expecting !!

Regards
Rohit.
 
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Very clever Rohit.
Does it work if we use drop-down of browers' back button?
 
Rohit Bhagwat
Ranch Hand
Posts: 205
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yes ..you are right

I didnt thought about that..

Sorry for previous post

Regards
Rohit.
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Rohit Bhagwat:
Yes ..you are right

I didnt thought about that..

Sorry for previous post



Dont be sorry mate. It was a nice thought, though.
Actually Back button has the power.
 
Ranch Hand
Posts: 104
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't know of any way to disable the back / forward buttons reliably either.

However, if a user logs out and uses the back button to go back into your site and tries to submit(reSubmit) anything from that page, your code should recognize the session is not valid and forward the user to the login page.
 
Rohit Bhagwat
Ranch Hand
Posts: 205
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hey..

Wait a min. When a user clicks the back button then the request is not sent to server instead the cached page from the client is displayed.

I want to prevent the user to go back to see the page if he /she has logged out. But how yahoo has managed it. I logged out of yahoo account and it prevented me to go back to previous page (It displayed the contents for few seconds !!)

So I guess the problem still persists posted by Yong Ming Wai..Right ?

Waiting for replies..

Regards
Rohit.
[ March 19, 2005: Message edited by: Rohit Bhagwat ]
 
Ranch Hand
Posts: 1087
Oracle Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Rohit Bhagwat:

When a user clicks the back button then the request is not sent to server instead the cached page from the client is displayed.


I agree with you !

Yong never told us if he was still able to access same session if he press back button.

but still there is a feature in yahoo that once user sign out he can not view the cached pages.
[ March 19, 2005: Message edited by: Shailesh Chandra ]
 
reply
    Bookmark Topic Watch Topic
  • New Topic