The normal approach here is that initially after a successfull login, some kind of flag or indicator is kept in the session to indicate that the user is logged in. Then every page that is "protected" should check this flag, and if it is not set, redirect to the login page. For this to work properly all these "protected" pages should also be set to expire immediately. Now after logging out the the session should be cleared, so if the back button is pressed and a "protected" page is re-fetched it will note that the flag is no longer set and will redirect to the login page.
> -----Original Message----- > From: Kurelli Rajshekar [SMTP:[EMAIL PROTECTED]] > Sent: 12 November 2002 03:04 > To: [EMAIL PROTECTED] > Subject: Clicking on Browser back > > Hello everyone, > > I am developing a website.. > I want to know the different possibilities to redirect to the login form > when pressed on the browser back button after logging out (session > expiry). > > > waiting to hear from you, > > Best regards, > Raj > > > Inooga Solutions Private Limited > > Your ISO certified partner for > > - Offshore Development > - Placement and Recruitment > - Product Development > > Plot No. 206, Road No. 72, > Prashasan Nagar, Jubilee Hills, > Hyderabad 500 033, > Andhra Pradesh, India. > Phone: +91 (0) 40 3546154 > Fax: +91 (0) 40 3546854 > URL: www.inooga.com <http://www.inooga.com/> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > E-Mail disclaimer: > This email and any files transmitted with it are confidential and > intended solely for the use > of the individual or entity to whom they are addressed and do not > constitute a commitment > by Inooga Solutions Pvt. Ltd. except where provided for in a written > agreement between you > and the Company. If you are not the intended recipient of this message, > please notify the > sender immediately. > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > -- It is the strict policy of Truworths that its e-mail facility and all e-mail communications emanating therefrom, should be utilised for business purposes only and should conform to high professional and business standards. Truworths has stipulated certain regulations in terms whereof strict guidelines relating to the use and content of e-mail communications are laid down. The use of the Truworths e-mail facility is not permitted for the distribution of chain letters or offensive mail of any nature whatsoever. Truworths hereby distances itself from and accepts no liability in respect of the unauthorised use of its e-mail facility or the sending of e-mail communications for other than strictly business purposes. Truworths furthermore disclaims liability for any unauthorised instruction for which permission was not granted. Truworths Limited accepts no liability for any consequences arising from or as a result of reliance on this message unless it is in respect of bona fide Truworths business for which proper authorisation has been granted. Any recipient of an unacceptable communication, a chain letter or offensive material of any nature is requested to notify the Truworths e-mail administrator ([EMAIL PROTECTED]) immediately in order that appropriate action can be taken against the individual concerned. ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
