Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Browsing with the back button

 
Jason Kwok
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I've made an application that shows user account information. The user can logout and I use session.invalidate() to remove the user information from the session.

In each .jsp page, I have code to check if the user info is null or not. If it is null, it's supposed to forward the user to the login screen which it does. However after a user logs out, if someone else were to come in and use the back button, they would see the user's account information. How can I stop this??
 
Scott Johnson
Ranch Hand
Posts: 518
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Adding this code to your jsp will cause most browsers to not cache the response:



See the spec for more info.
 
Jason Kwok
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's perfect Scott, thank you so much!
 
A Kumar
Ranch Hand
Posts: 980
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can also make use of filters that check whether the session is valid or not...
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic