0

I am using Netbeans 6.9 and Glassfish 3.1 to create my web application. Now, I have session attribute checking on each jsp page. However, in the web browser it is not working properly. Example, suppose I have login.jsp -> bank-data.jsp -> logout.jsp. Now, I want, after logout, user should not be able to check bank-data.That's why, in bank-data.jsp, I put session attributes checking. However, in web browser I after logout, I can easily check bank-data, by going back. Now, after refreshing bank-data.jsp page, I found right output i.e. "user is not logged in". Can any body help me how to achive this without refreshing web browser ?

In short, how to delete all info about session from web browser and make each .jsp page to execute every time?

Ravindra Gullapalli
  • 9,049
  • 3
  • 48
  • 70
alessandro
  • 1,681
  • 10
  • 33
  • 54
  • 1
    Search for turning off caching. – Dave Newton Feb 04 '12 at 17:03
  • 1
    possible duplicate of [Prevent user from going back to the previous secured page after logout](http://stackoverflow.com/questions/4194207/prevent-user-from-going-back-to-the-previous-secured-page-after-logout) – BalusC Feb 06 '12 at 04:18

1 Answers1

-1

Disable back operation in your pages using the javascript like this.

<script type="text/javascript">
     window.history.forward(1);
</script>

with this, user won't be able to navigate back.

Ravindra Gullapalli
  • 9,049
  • 3
  • 48
  • 70