0

I know there are already duplicate questions marked but none of the approaches seem to work for me. Kindly suggest whats wrong . Here is my filter code. 

public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;

    HttpSession session = request.getSession(false);
    if(session != null) 
    {
        session.invalidate(); 
    }  

    response.setHeader("Cache-Control","no-cache"); //Forces caches to obtain a new copy of the page from the origin server
    response.setHeader("Cache-Control","no-store"); //Directs caches not to store the page under any circumstance
    response.setDateHeader("Expires", 0); //Causes the proxy cache to see the page as "stale"
    response.setHeader("Pragma","no-cache"); //HTTP 1.0 backward compatibility

    request.getRequestDispatcher("login.jsf").forward(request, response);

    chain.doFilter(req, res);
}
Raptor
  • 53,206
  • 45
  • 230
  • 366
Shubham Khare
  • 171
  • 1
  • 1
  • 12
  • I don't get the question. what's the problem with the back button showing the login screen after a logout? – Gimby Mar 20 '18 at 08:35
  • The question is that suppose I sign out off gmail and then press the back button will I get my inbox list even though I know that the page is cached and its not from the server. Its a security compromise and when the back button is accidently pressed, the login dashboard is revealed, although the user cant make any further requests since he is already logged out. I dont want that login dashboard to be revealed after the log off has been pressed. – Shubham Khare Mar 20 '18 at 08:40

1 Answers1

0

By default the modern browsers do not reload the page after clicking the back button, unless you have some client side code which forces the reload. What I mean is that when you click back, the browser will not call the server for the login page. For more information please see: https://stackoverflow.com/a/8861236/5468990

dj_frunza
  • 1,553
  • 3
  • 17
  • 28