Block the forms after logout in ASP .Net 2.0

good old html tags will say the page is expired:
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">

i tried, but i still could go back.

Your correct in stating that disabling the IE back button is not a good way to trap this event. First of all this will not work for any non IE users, so unless you are rolling your application out in an intranet envirnoment I would suggest otherwise. Also i do not think users would be happy with you trying to hijack their browsers and disable thier standard options. I would say the best way to do this is to write code in the Page_Init event of the forms page to determine whether the user is logged in or not. If the user is not authenticated redirect them to the login page or display a custom message stating they must be loggin in to view the forms.  

but that event won't fire, it will show him the page in memory.

try these:
      Response.AddHeader "Pragma", "no-store"
      Response.Cache-Control = "no-store"
      Response.Expires = -1

how do I determine whether the user is logged in or not in the page_init?

sign them out before the redirect also, it's probably not even hitting that code.

yeah, my bad, i've changed that, now I signed the user out first and then redirect:

System.Web.Security.FormsAuthentication.SignOut()
Response.Redirect("~/Login.aspx", True)

but i still could go back,

btw, where should i use this code?

     Response.AddHeader "Pragma", "no-store"
     Response.Cache-Control = "no-store"
     Response.Expires = -1


thanks

in the page_load function

you dont want to program page redirection in the page_load event.

thanks, this works perfectly!

Response.Cache.SetCacheability(HttpCacheability.NoCache);