Typically, however, the behaviour depends on hints the browser receives from the server whenever it requests a page.
By default, a browser will do its best to cache pages and avoid fetching fresh copies, so it can display them more quickly when asked to do so.To prevent the user from seeing stale data when they hit the back button, you need to tell their browser not to cache the page.With cache control in place, the browser will request a fresh copy of the secured page but it is up to the application to determine that the user is no longer logged in and refuse to display the requested page.There are many ways of securing pages in a web application. In the do Filter method we will redirect user to login page if he tries to access other page without logging in.
Http Session; @Web Filter(filter Name = "Auth Filter", url Patterns = ) public class Authorization Filter implements Filter We implement the standard filter class by overriding the destroy and do Filter methods.Mozilla seems to be a good compromize between MSIE, that basically puts equal sign between data caching and location history, and Opera.The problem with with users accessing secured pages by hitting the back button after logging out is partially solved by implementing cache control as described above, but that is only part of the solution.One might say that Opera provides cleaner separation between data caching and location history.On the other hand, for many stateful web applications this behavior ruins the idea of pagedata synchronization at any given time.Authentication mechanism allows users to have secure access to the application by validating the username and password. Step 5: Now create the Login DAO java class as below.