Caching Problem on log off

Hi All,

I am facing a problem while developing web application,
when user get log off from my application i am removing the user object from the session so every new request now forcing user to provide valid user id/password

but if user click browser back button he is getting back to the previous page i.e secured page
i set the header from the server declared meta header in my jsp page then tested but problem was still there.

then in order to enhance the process i implimented SSL and now my applicationis running on secure port but it dosen't make any improvement in to my application

regarding using javascript i don't want to go for that option as javascript may be turned off at client side and its behaviour is not consistent

if any one have resolved this problem earlier pleaes share his experience with me so that i can move ahead

thanks in advance,
aum

Try this-
</BODY> <HEAD> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </HEAD> </HTML>

The pragma header has only effect on clients using HTTP 1.0.
The expires header has only effect on proxies.

Nowadays we use HTTP 1.1 since ages. For this you need to add a cache-control header as well.

Here is what Bauke was refering to:

<meta http-equiv="Cache-Control" content="no-cache">

This is all covered in the FAQs.

i tried all the things

even i used SSL for testing it all, but the problem is still there

Then you didn't clear the cache at both the server and the client before testing.