Question:
For my company’s intranet, I used sessions to keep track of the user. When a user clicks on the logout button, the session is abandoned. However, even though the session gets terminated, you can still go to the previous page using the back button of the browser. How can I prevent this?
Answer:
You can abandon a session by using the Session.abandon method. To prevent the user from using the back button, you may have to modify your application so that the browser window itself is shut down?either manually by the user logging out or automatically, if the browser was a popup child window to begin with.