In a login.jsp page, I logged in by a user. Now by pressing the back button we can move to the login page also. If I log in this time by different user then old session getting reflected. How can I invalidate a session when we move to the login page by using the back button?

Recommended Answers

All 2 Replies

Check if there is already existing session with logged user and then invalidate it.

Hi Friend,

I am facing the same problem.What i am actually trying to do is to logout of a session and on logout i invalidate the particular session.Fine on pressing the Back Button it again goes inside the protected page.What i did to this is setting the response header in that protected page such that the page is not stored in the local cache.So when i press back button after i logout it gives me a warning message (works well in IE not with opera) page is not available .Try Refresh.Ok when i click refresh it again gets the protected page which should not be.So on refreh i used a script which takes me to the {javascript:window.history.forward("index.html")} initial page and the issue is resolved .After clicking back it will now ask me to refresh on refresh it will take me to the login page.So my protected page is secure now...But i have continual pages from the protected pages which i feel the user should be able to use back once he uses the continual pages means i want the browser to say "Do not use the cache when the session is logeed out" or else "Use the Cache So that i can use back from the pages that continue from the password protected page.

Any Suggestions on How to approach this and a solution is highly appreciated

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.