Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to disable the browser's forward button after logout?

Posted on 2006-07-06
5
Medium Priority
?
482 Views
Last Modified: 2008-02-01
Hello,

I start-up my servlet based web-application by the LOG-IN screen, then I do all work etc.... Every Dynamic page
that is created within the system as a "LOGOUT" option. If the user clicks logout, I have set to go to the "LOGIN" screen (That's the initial screen that the system started"). But in my case eve after I redirect the LOGIN page, the browser's forward button is still active. So the user still can go to the session work he was doing. This is not right. How do I disable the forward button? or how do I not let go to the pages without logging in again?

prain
0
Comment
Question by:prain
5 Comments
 

Expert Comment

by:devildog1775
ID: 17054369
You must invaldate his existing session.  You have access to the HttpServletRequest object.  
Call request.getSession().invalidate(); and their session will be gone and they will be forced to login again.  

That said you will not be able to stop them from going back into their cache to retrieve old pages but if they make another request of your server they will be forced to log in again.

Hope this helps
0
 
LVL 8

Expert Comment

by:kaliyugkaarjun
ID: 17056359
devildog1775 is right..
U have to invalidate session after user logs out. So even if user goes forward (check shud me made if session is valid before forwarding to next page) he will be asked to login again..
0
 

Author Comment

by:prain
ID: 17059133
I am bit confused here. I am in the learning process. So If I ask you a dumb Questions, forgive me.

Ok, so, imagine that I have a link hilighted in red "Log Out" at the top of my working pages. So when the user clicks
this How Am I to invalidate?. Where in my servlet code should I do that?.
0
 
LVL 4

Expert Comment

by:Meritor
ID: 17064790
Just write the following in your servelet code

Assuming that you are calling a servlet onclick of logout.

inside your doGet/doPost/service method
public void doPost(HTTPServletRequest request,HTTPServletResponse response) thorws Exception
{
  request.getSession().invalidate();
 
}
0
 
LVL 5

Accepted Solution

by:
muktajindal earned 400 total points
ID: 17071971
In case you want to disable the browser back button functionality, you can add the following code to your jsps

      <SCRIPT LANGUAGE="JavaScript">
            <!--
            javascript:window.history.forward(1);
                //-->
      </SCRIPT>
         
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Ranking ecommerce websites is a vital process. You need to have a strong SEO (Search Engine Optimization) strategy. If you don’t have one, you are losing out on brand impressions, clicks and sales. Check this guide on how to improve website traffic …
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question