That way an invalidated session can be made visible to the user.

Regards, Silvio Bierman Maybe you should read Silvio's reply a little more closely.

Sex chat icq us - Invalidating session in struts

"Silvio Bierman" Invalidating a session is server-side logic, the back-button is purely client-side logic.

Those headers can be a combination of: Pragma=no-cache (for older browsers) Cache-control=no-store (a stricter version of no-cache) Expires=0 Setting these will prevent any non-deaf browser from showing cached content.

If you truly call session.invalidate(), then the session is gone. In first request I delete all attributes of a session and invalidate it.

Pressing the back button in your browser is simply pulling the page from your local cache, not making a new request. When I press back, in next request, I can access to the attributes of session.

Blocking Servlet.execute Request(Blocking Servlet.java:288) at com.icesoft.faces.webapp.xmlhttp. Blocking Servlet.service(Blocking Servlet.java:189) at javax. Http Servlet.service(Http Servlet.java:802) at org.apache. Application Filter Chain.internal Do Filter(Application Filter Chain.java:252) at org.apache.

Application Filter Filter(Application Filter Chain.java:173) at org.apache.

Error Report Valve.invoke(Error Report Valve.java:118) at org.apache.

Standard Valve Context.invoke Next(Standard Valve Context.java:102) at org.apache.

Standard Pipeline.invoke(Standard Pipeline.java:520) at org.apache. Standard Engine Valve.invoke(Standard Engine Valve.java:109) at org.apache.