Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to disable the browser's forward button after logout?

Posted on 2006-07-06
5
Medium Priority
?
483 Views
Last Modified: 2008-02-01
Hello,

I start-up my servlet based web-application by the LOG-IN screen, then I do all work etc.... Every Dynamic page
that is created within the system as a "LOGOUT" option. If the user clicks logout, I have set to go to the "LOGIN" screen (That's the initial screen that the system started"). But in my case eve after I redirect the LOGIN page, the browser's forward button is still active. So the user still can go to the session work he was doing. This is not right. How do I disable the forward button? or how do I not let go to the pages without logging in again?

prain
0
Comment
Question by:prain
5 Comments
 

Expert Comment

by:devildog1775
ID: 17054369
You must invaldate his existing session.  You have access to the HttpServletRequest object.  
Call request.getSession().invalidate(); and their session will be gone and they will be forced to login again.  

That said you will not be able to stop them from going back into their cache to retrieve old pages but if they make another request of your server they will be forced to log in again.

Hope this helps
0
 
LVL 8

Expert Comment

by:kaliyugkaarjun
ID: 17056359
devildog1775 is right..
U have to invalidate session after user logs out. So even if user goes forward (check shud me made if session is valid before forwarding to next page) he will be asked to login again..
0
 

Author Comment

by:prain
ID: 17059133
I am bit confused here. I am in the learning process. So If I ask you a dumb Questions, forgive me.

Ok, so, imagine that I have a link hilighted in red "Log Out" at the top of my working pages. So when the user clicks
this How Am I to invalidate?. Where in my servlet code should I do that?.
0
 
LVL 4

Expert Comment

by:Meritor
ID: 17064790
Just write the following in your servelet code

Assuming that you are calling a servlet onclick of logout.

inside your doGet/doPost/service method
public void doPost(HTTPServletRequest request,HTTPServletResponse response) thorws Exception
{
  request.getSession().invalidate();
 
}
0
 
LVL 5

Accepted Solution

by:
muktajindal earned 400 total points
ID: 17071971
In case you want to disable the browser back button functionality, you can add the following code to your jsps

      <SCRIPT LANGUAGE="JavaScript">
            <!--
            javascript:window.history.forward(1);
                //-->
      </SCRIPT>
         
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Choosing the right mix of apps is very much necessary for CPAs for making the most of the latest technology through which they can boost their growth.
Are you a startup company? Being a startup, you may be using shared hosting, or maybe even dedicated hosting. But have you ever given a thought to using cloud computing now? Yes, don’t be surprised, it is possible for startups to opt for cloud compu…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Integration Management Part 2
Suggested Courses
Course of the Month11 days, 6 hours left to enroll

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question