Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to disable the browser's forward button after logout?

Posted on 2006-07-06
5
Medium Priority
?
476 Views
Last Modified: 2008-02-01
Hello,

I start-up my servlet based web-application by the LOG-IN screen, then I do all work etc.... Every Dynamic page
that is created within the system as a "LOGOUT" option. If the user clicks logout, I have set to go to the "LOGIN" screen (That's the initial screen that the system started"). But in my case eve after I redirect the LOGIN page, the browser's forward button is still active. So the user still can go to the session work he was doing. This is not right. How do I disable the forward button? or how do I not let go to the pages without logging in again?

prain
0
Comment
Question by:prain
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 

Expert Comment

by:devildog1775
ID: 17054369
You must invaldate his existing session.  You have access to the HttpServletRequest object.  
Call request.getSession().invalidate(); and their session will be gone and they will be forced to login again.  

That said you will not be able to stop them from going back into their cache to retrieve old pages but if they make another request of your server they will be forced to log in again.

Hope this helps
0
 
LVL 8

Expert Comment

by:kaliyugkaarjun
ID: 17056359
devildog1775 is right..
U have to invalidate session after user logs out. So even if user goes forward (check shud me made if session is valid before forwarding to next page) he will be asked to login again..
0
 

Author Comment

by:prain
ID: 17059133
I am bit confused here. I am in the learning process. So If I ask you a dumb Questions, forgive me.

Ok, so, imagine that I have a link hilighted in red "Log Out" at the top of my working pages. So when the user clicks
this How Am I to invalidate?. Where in my servlet code should I do that?.
0
 
LVL 4

Expert Comment

by:Meritor
ID: 17064790
Just write the following in your servelet code

Assuming that you are calling a servlet onclick of logout.

inside your doGet/doPost/service method
public void doPost(HTTPServletRequest request,HTTPServletResponse response) thorws Exception
{
  request.getSession().invalidate();
 
}
0
 
LVL 5

Accepted Solution

by:
muktajindal earned 400 total points
ID: 17071971
In case you want to disable the browser back button functionality, you can add the following code to your jsps

      <SCRIPT LANGUAGE="JavaScript">
            <!--
            javascript:window.history.forward(1);
                //-->
      </SCRIPT>
         
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A while back, I ran into a situation where I was trying to use the calculated columns feature in SharePoint 2013 to do some simple math using values in two lists. Between certain data types not being accessible, and also with trying to make a one to…
Instead of error trapping or hard-coding for non-updateable fields when using QODBC, let VBA automatically disable them when forms open. This way, users can view but not change the data. Part 1 explained how to use schema tables to do this. Part 2 h…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question