At signout of user, this method is hit. But on pressing back button user data is getting leaked (not getting logged in again).
@RequestMapping(value = {"signout"})
public String signout(HttpServletRequest req, ModelMap map) {
this.objSession = req.getSession(false);
if (this.objSession.getAttribute("userid") != null) {
this.objSession.removeAttribute("userid");
this.objSession.removeAttribute("usertype");
// this.objSession.invalidate();
Cookie c = new Cookie("JSESSIONID", null);
}
return "redirect:/home.htm";
}