Destroying Session in JSP

**Level8** · 11-03-2010

Hello, I am not able to destroy the session. When you click the back button, it always comes back in session and it must refresh the page to the protection of the session page redirects to the authentication session yet exists.
I tried everything with session.setAttribute, session.removeAttribute, session.invalidate (), session = null, but you can still click the back button and come back in page session.

**Praetor** · 11-03-2010

Hello, you can simply make use of the code below for getting the solution for your problem.

Code:

<% if(session.getAttribute("time")==null)
{  
out.println("Start");  
session.setAttribute("Date",new java.util.Date());            
} 
else
{  
out.println("Next");  
}  
%>

**Katty** · 11-03-2010

If you want to invalidate the session then you must need to use the code below:

Code:

rew.getSession().invalidate();

But when you do back in your browser, it does not reload the page from the server, but it is in the cache on the client side. So, you can't stop from viewing it. So, you can use the javascript and solve your problem. For that you can make use of the code below:

Code:

window.Rentals.replace(url);

It replaces the page so you can keep on page one page which is better but still not optimal.

**Zecho** · 11-03-2010

If you are making the call as below:

Code:

request.getSession().invalidate();

Then you must not use the false parameter passing as below:

Code:

request.getSession(false).invalidate();

As if you are using above one then it is not provide you what you want. As the default value is true.

**Reegan** · 11-03-2010

Hello, I have tried this while making my project in jsp. I tried window.location.replace (url). It works but I wonder if there is a way to erase the history of pages visited in my sessions applicable to that user can not return to the session pages. I think history in javascript, get the long history of Array, then retrieve the url history with item. I don't think that there is any way to solve this problem.

**kelfro** · 11-03-2010

Hello, If you want to perform the task from which you can able to force the browser from which it can remove the cached HTML pages generated by JSP pages. For that you just need to make use of the code below at the beginning of the Jsp page.

Code:

<%
response.setHeader ( "Pragma", "no-cache");
response.setDateHeader ( "Expires", 0);
response.setHeader ( "Cache Remove", "no-cache");
response.setHeader ( "Cache Remove", "no-store");
%>