M
misra.manisha
Hi,
Let me give a brief first. When someone logs in my application with
correct username and password, I set a session attribute, say "user"
with his username.
When he logs out, I invalidate the session and remove the attribute
"user". In each of the protected pages, I check for the session
attribute "user". If it exists, I proceed, else I rdirect to login
page.
Btw, I am also using frames when the user logs in.
Everything is working as I want it to. Except one thing! After the user
logs out and then goes back using "back" button of the browser, the
page displayed says that he has been logged out and needs to login
again. But if he refreshes the page (after going "Back"), the page
reloads with correct information, as if he is already logged in.
What do I do to prevent this?
I am fairly new to JSP. So, maybe I am missing out on something....
Please help.
Let me give a brief first. When someone logs in my application with
correct username and password, I set a session attribute, say "user"
with his username.
When he logs out, I invalidate the session and remove the attribute
"user". In each of the protected pages, I check for the session
attribute "user". If it exists, I proceed, else I rdirect to login
page.
Btw, I am also using frames when the user logs in.
Everything is working as I want it to. Except one thing! After the user
logs out and then goes back using "back" button of the browser, the
page displayed says that he has been logged out and needs to login
again. But if he refreshes the page (after going "Back"), the page
reloads with correct information, as if he is already logged in.
What do I do to prevent this?
I am fairly new to JSP. So, maybe I am missing out on something....
Please help.