hello, 1. a webapp has a filter, which filters all of the requests to application's servlets. 2. the filter makes a simple check: if (session == null || session.getAttribute("abc") == null) //redirect the request to the login page; else //continue with it as it is 3. if i invalidate the session, and then try to use back button of the browser the filter kicks me to the login page. on tomcat4 this works fine. at least i didn't see any problem ever. 4. on tomcat 5 this logic works fine only with browser whith enabled cookies. using the session tracking with url rewriting doesn't work.works the debugging shows that the flow runs into the code block that must invalidate the session, but it's not invalidated. i still can get back,see the pages and use the data stored in session!:( did u have any expirience with this stuff? thanks in advance.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]