Solved

How to disable the browser's forward button after logout?

Posted on 2006-07-06
5
467 Views
Last Modified: 2008-02-01
Hello,

I start-up my servlet based web-application by the LOG-IN screen, then I do all work etc.... Every Dynamic page
that is created within the system as a "LOGOUT" option. If the user clicks logout, I have set to go to the "LOGIN" screen (That's the initial screen that the system started"). But in my case eve after I redirect the LOGIN page, the browser's forward button is still active. So the user still can go to the session work he was doing. This is not right. How do I disable the forward button? or how do I not let go to the pages without logging in again?

prain
0
Comment
Question by:prain
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 

Expert Comment

by:devildog1775
ID: 17054369
You must invaldate his existing session.  You have access to the HttpServletRequest object.  
Call request.getSession().invalidate(); and their session will be gone and they will be forced to login again.  

That said you will not be able to stop them from going back into their cache to retrieve old pages but if they make another request of your server they will be forced to log in again.

Hope this helps
0
 
LVL 8

Expert Comment

by:kaliyugkaarjun
ID: 17056359
devildog1775 is right..
U have to invalidate session after user logs out. So even if user goes forward (check shud me made if session is valid before forwarding to next page) he will be asked to login again..
0
 

Author Comment

by:prain
ID: 17059133
I am bit confused here. I am in the learning process. So If I ask you a dumb Questions, forgive me.

Ok, so, imagine that I have a link hilighted in red "Log Out" at the top of my working pages. So when the user clicks
this How Am I to invalidate?. Where in my servlet code should I do that?.
0
 
LVL 4

Expert Comment

by:Meritor
ID: 17064790
Just write the following in your servelet code

Assuming that you are calling a servlet onclick of logout.

inside your doGet/doPost/service method
public void doPost(HTTPServletRequest request,HTTPServletResponse response) thorws Exception
{
  request.getSession().invalidate();
 
}
0
 
LVL 5

Accepted Solution

by:
muktajindal earned 100 total points
ID: 17071971
In case you want to disable the browser back button functionality, you can add the following code to your jsps

      <SCRIPT LANGUAGE="JavaScript">
            <!--
            javascript:window.history.forward(1);
                //-->
      </SCRIPT>
         
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

While it may be true that the internet is a place of possibilities, it is also a hostile environment lurking with many dangers. By clicking on the wrong link, trusting the wrong person or using a weak password, you are virtually inviting hackers to …
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question