I m trying to create a simple login application in jsp where i create a session allows the user to use certain features and then logout. Problem is that after the user logs out. I destroy all session objects and invalidate the session and redirect to welcome page still, on hitting the back button user can see the login pages, which ideally should not be navigable without login.
i have also used this code to disable caching
<head> <META HTTP-EQUIV="Cache-Control" CONTENT="no-cache"> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> ----//body tags <%response.setHeader("Cache-Control","no-cache"); response.setHeader("Pragma","no-cache"); response.setDateHeader ("Expires", 0 ---//my stuff %>
This code is on the page where i signout.
n this doesnt seen to help.....does anybody have ne idea how to do this?