problem in logout...

[raj.33jsr]

dear all
i am working with a project where i need to logout a user from his account on clicking logout option .I am using the coad in servlet for log out..


import javax.servlet.*;
import javax.servlet.http.*;
/**
* Insert the type's description here.
*/
public class LogOut extends HttpServlet {
/**
* Process incoming HTTP GET requests
*
* @param request Object that encapsulates the request to the servlet
* @param response Object that encapsulates the response from the servlet
*/
public void doGet(HttpServletRequest req, HttpServletResponse res)
throws ServletException, java.io.IOException {


res.setHeader("Cache-Control","no-cache"); //HTTP 1.1
res.setHeader("Pragma","no-cache"); //HTTP 1.0
res.setDateHeader ("Expires", 0); //prevents caching at the proxy server
res.setHeader("Cache-Control","no-store"); //HTTP 1.1
System.out.println("################## in side Logout Class");


HttpSession session = req.getSession(false);
if (session != null) {
session.removeAttribute("userId");
session.removeAttribute("userPw");
session.removeAttribute("url");
session.invalidate();
}

res.sendRedirect("./jsps/Login/LogOut.jsp");
}



}

but the problem is after log out when i am clicking the back button of browser it redirects to the account again..
if any body can help me out than please send me the coad...

[Tolls]

OK.
Does the page they are going Back to have any security checks on it?

[raj.33jsr]

yes in my jsp page i am checking..


<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
response.setHeader("Cache-Control","no-store"); //HTTP 1.1
%>

<%
if(session.getAttribute("username")==null)
{
response.sendRedirect("./jsps/Login/LogOut.jsp");
}
else{%>
business logic......
<%}%>
still it is not working..