I am trying to kill the session when the user logs out .
It is working fine when the user logs out .But when the user clicks again back button and uses refresh button at that time the session is again storing the session?.So please let know if there is any method to completely destroy the session when one the user refresh.
I am using session.invalidate() in Jsp page.
Thanks In Advance.
Are you using BASIC authentication? If that's the case then your user's browser is resending its login/password autmatically. That's a browser "feature"...