Solved

How to disable the browser's forward button after logout?

Posted on 2006-07-06
5
462 Views
Last Modified: 2008-02-01
Hello,

I start-up my servlet based web-application by the LOG-IN screen, then I do all work etc.... Every Dynamic page
that is created within the system as a "LOGOUT" option. If the user clicks logout, I have set to go to the "LOGIN" screen (That's the initial screen that the system started"). But in my case eve after I redirect the LOGIN page, the browser's forward button is still active. So the user still can go to the session work he was doing. This is not right. How do I disable the forward button? or how do I not let go to the pages without logging in again?

prain
0
Comment
Question by:prain
5 Comments
 

Expert Comment

by:devildog1775
ID: 17054369
You must invaldate his existing session.  You have access to the HttpServletRequest object.  
Call request.getSession().invalidate(); and their session will be gone and they will be forced to login again.  

That said you will not be able to stop them from going back into their cache to retrieve old pages but if they make another request of your server they will be forced to log in again.

Hope this helps
0
 
LVL 8

Expert Comment

by:kaliyugkaarjun
ID: 17056359
devildog1775 is right..
U have to invalidate session after user logs out. So even if user goes forward (check shud me made if session is valid before forwarding to next page) he will be asked to login again..
0
 

Author Comment

by:prain
ID: 17059133
I am bit confused here. I am in the learning process. So If I ask you a dumb Questions, forgive me.

Ok, so, imagine that I have a link hilighted in red "Log Out" at the top of my working pages. So when the user clicks
this How Am I to invalidate?. Where in my servlet code should I do that?.
0
 
LVL 4

Expert Comment

by:Meritor
ID: 17064790
Just write the following in your servelet code

Assuming that you are calling a servlet onclick of logout.

inside your doGet/doPost/service method
public void doPost(HTTPServletRequest request,HTTPServletResponse response) thorws Exception
{
  request.getSession().invalidate();
 
}
0
 
LVL 5

Accepted Solution

by:
muktajindal earned 100 total points
ID: 17071971
In case you want to disable the browser back button functionality, you can add the following code to your jsps

      <SCRIPT LANGUAGE="JavaScript">
            <!--
            javascript:window.history.forward(1);
                //-->
      </SCRIPT>
         
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario: Your operations manager has discovered an anomaly in your security system. The business will start to suffer within 15 minutes if it is a major IT incident. What should she do? We have 6 recommendations for managing major incidents (https:…
We need a new way to communicate time sensitive or critical info.   The best part of my role at xMatters is visiting our clients all over the world to learn about how they operate their businesses, share insights that xMatters has gleaned across…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now