0

I Want to destroy a session in my project such that when I click on Logout, it goes to a page "KillSession.jsp" , in that file I've written "session.invalidate();" and then I redirect the user to the Login page. But if I use the back button on my browser, it goes back to the page I have visited before even when I've logged out. What to do?

Aniket Kibe
  • 41
  • 1
  • 2
  • please provide some more info, code, what framework are you working if any? – sheidaei Sep 12 '12 at 19:02
  • you could find your answer by doing some search on the net [link](http://stackoverflow.com/questions/49547/making-sure-a-web-page-is-not-cached-across-all-browsers?lq=1) – sheidaei Sep 12 '12 at 19:08

2 Answers2

1

Your browser caches it, You need to add header to force your browser not to force it

jmj
  • 225,392
  • 41
  • 383
  • 426
0

Make sure that you don't cache the last page before you log out. You could do something like:

response.setHeader("Cache-Control","no-cache,no-store,must-revalidate");
response.setHeader("Pragma","no-cache");
response.setDateHeader("Expires", 0);
Reimeus
  • 152,723
  • 12
  • 195
  • 261