i have done one web project in that i have one probllem.
i signout of my site and then if click back button it will showing same pages with my login details.
i am doing session invalidate but its again going to login why?
how can i do session invalidate?
Isn't this more properly a servlet question? or Tomcat or glassfish?
Are you sure that the browser is actually hitting your server to get the page after you call invalidate() -- it could be that the browser is just showing a cached version.
I'm not just sure if this is what's happening, but as a precaution try calling:
(where res is the servlet response object of couse) before any page that you send that requires login.