Invalidating a session in jsp
Buttons with You should take a look at the invalidate() method of Http Session.
The session can be retrieved via Http Servlet Request get Session() method.
Java code in JSP files should be avoided as much as possible.
Further, there's another potential problem when the enduser uses the browser's back button to navigate back in history.
By default, the browser will cache all responses and thus the back button might display the page from the browser cache instead of requesting a brand new straight from the server.
In order to fix this, see this related question Prevent user from seeing previously visited secured page after logout Last but not least, you've there some quite strange HTML.
Browser is caching the previous pages, and when you click back button it is taking to previous cached page.
You need to add Cache headers which does not allow browser to cache page.
So if you click refresh page, you will not see that page again.Hi All, I want to invalidate user's session when user log in from different remote location in web application.I have session ID and user name of particular user so when i try to use like this Http Session Context context=Session()Session Context(); Session(session ID).invalidate(); this is giving null pointer.1)When you are clicking on back button on browser you are getting previous page because of browser cache.2)When you are clicking on any page after backing you are getting status 500 because there is null pointer exception because of session object is invalidate already.