Sounds like an opportunity for a ValidSession filter:
http://java.sun.com/blueprints/corej2eepatterns/Patterns/InterceptingFilter.html
-Dennis
Srinivas Jadcharla <[EMAIL PROTECTED]>
11/15/2005 10:00 AM
Please respond to
"Struts Users Mailing List" <user@struts.apache.org>
To
user@struts.apache.org
cc
Subject
Logout Problem
Hi There,
I have a problem logging out my Struts Based Web Application.Here iam
giving the code in Logout Action..
request.getSession().removeAttribute("ssn");
request.getSession().removeAttribute("pin");
request.getSession().removeAttribute("parentrole");
request.getSession().invalidate();
response.sendRedirect("/login.jsp");
Once it invalidates the Session iam redirecting the user to login page
where
he/she needs to sign in again.But problem is when user clicks back button
in
the browser its taking me to secured pages which i dont want.Iam using the
following code in my secured pages but no use.
<%
response.setHeader(
"pragma", "no-cache");
response.setHeader(
"Cache-Control", "no-cache");
response.setDateHeader(
"Expires", -1);
%>
Iam not understanding where exactly iam doing the mistake.Some one please
help me to sort it out.
--
Thanks & Regards
Srinivas
732-648-9421(Cell)
