Hi all
I am sure most you have heard about (and even contributed to) the solution of this problem. This is my logout code:
in my
servlet's doPost() code, before attending to any user request I first check her validity by
This approach works fine. The user however, is able to come back to the "page before logout.jsp" by using browser's back button. Although she is not able to do any processing there because session has already been invalidated, the information of the page is nonetheless visible. I do understand that this is a caching problem. Searching amply on this forum, i pasted the following in the beginning of all my jsps.
I do not know what it does
exactly, but common sense and guesswork tells me that it instructs the browser to "not store anything in it's cache".
First question: am I doing it right ? Is this all that has to be done? Simply pasting the above snippet (with offcourse, the server side code to check for user authenticity- i know that is my responsibility). Also, do i need to paste it in ALL jsps. Any way i can use the deployment descriptor here. Or is this page specific. The browser only "does not" cache pages that have this on top.
If yes, then apparently I am not getting the desired results. Now when I click the back button, all I see is that browser specific "page cannot be displayed" message. The surprising part is that this happens even when the user has not logged out and is very much in session.
Important: I placed breakpoints at doGet() and doPost() and i find that clicking back button is not even bringing the control to server. Perhaps that is the reason I see that typical browser message.
Why is it so ? Is it because:
The above snippet will only prevent anything from caching. It will not ask browser "to query the server". Back buttons are not for querying the server. The user has to explicitly hit refresh for that.
This is all I can think of right now. If it is in correct direction, what is the work around ? I don't want to rely on user's intuitive sense. What should i do when user clicks back button. If possible, please do not suggest javascript. I am a beginner and focussing on server side for the moment.
Thanks