rajesh,
you have to keep track of the session.. the servlet should check the current
user logged in through the session.. whenever the user logged out, you
should remove the object in the session..
-donjunio-
>From: rajesh <[EMAIL PROTECTED]>
>Reply-To: "A mailing list for discussion about Sun Microsystem's Java
> Servlet API Technology." <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: problem!
>Date: Thu, 30 Mar 2000 12:00:50 +0530
>
>Hi people,
> I have a servlet that generates a html page. It uses session
>tracking to validate a login and then proceeds according to an object
>stored in the session. Now, after someone logs out, there is a possibility
>that someone using the same computer later can, using the back button, see
>the output of the servlet that was invoked before the log out. Okay, he
>will not be able to use the servlet, but is there any method by which we
>can prevent any unauthorized person to even see the page that was
>displayed?
> Thanx in advance.
>-Rajesh
>
>___________________________________________________________________________
>To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
>of the message "signoff SERVLET-INTEREST".
>
>Archives: http://archives.java.sun.com/archives/servlet-interest.html
>Resources: http://java.sun.com/products/servlet/external-resources.html
>LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
