• Post Reply Bookmark Topic Watch Topic
  • New Topic

Session Problem  RSS feed

 
Swathi Prakash
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i am using tomcat 5.0.

i create login page with username and password.then every page i displayed

the User name by creating Session.


my problem is i have logout option. if i click the

logout i invalidated the session. if i press the back button in browser the

previous pages r coming. my application is financial application. so i want

to keep those things secure. i want to do if i press back button ,i want to

redirect error page. plz help me

THANK U -----ADVANCE
[ January 30, 2005: Message edited by: Mark Spritzler ]
 
Gert Cuppens
Ranch Hand
Posts: 87
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There's another way to prevent your pages from coming back when pressing the "back button". Prevent them from being put in the cache. Therefor, you should add the following lines to your JSP's :
<%
response.setHeader("Cache-Control","no-cache");
response.setHeader("Expires", "0");
response.setHeader("Pragma", "No-cache");
response.addHeader("Cache-control", "no-store"); // tell proxy not to cache
response.addHeader("Cache-control", "max-age=0"); // stale right away
%>
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!