1

I want to disconnect user of the application, the disconnection goes well but when the user clicks on the arrow back from the browser it is back in the application: that's what I want to correct. here is my disconnection page

<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
     <meta charset="UTF-8">
     <title>Insert title here</title>
   </head>
   <body>

       ${session}.invalidate(); 
      <jsp:forward page="acceuil.jsp"> 
      <jsp:param name="msg" value="msg" /> 
      </jsp:forward> 

   </body>
</html>
Gabriel Amang
  • 11
  • 1
  • _it is back in the application_ - no, the user is not back in the application; the Back button just displays the previous page from the browser's cache, does not log the user back in. Although there are some ways (see e.g. https://stackoverflow.com/a/32736102/3511123, https://stackoverflow.com/a/14438212/3511123 and especially https://stackoverflow.com/a/2068407/3511123), none of them is 100% reliable. It is actually your job as the application developer, to prevent any action by not logged in user in the back-end part of the application. – Jozef Chocholacek Nov 21 '19 at 13:11

0 Answers0