Struts Login/Logout

From:

kungfoocoder@gmail.com

Newsgroups:

comp.lang.java.programmer

Date:

Wed, 20 Aug 2008 21:49:14 -0700 (PDT)

Message-ID:

<1ea88cb8-4be7-4129-872c-95b1d0d11af1@56g2000hsm.googlegroups.com>

Hi,

I am trying to develop a login/logout form using Struts. Please have a
look at the following sample code.

---LoginAction---

public class LoginAction extends Action{

    public ActionForward execute(ActionMapping mapping, ActionForm
form, HttpServletRequest request,
HttpServletResponse response){

        LoginForm f = (LoginForm)form;

        String userName = f.getUserName();
        String passWord = f.getPassWord();

        if(userName.equalsIgnoreCase("username") &&
passWord.equalsIgnoreCase("password"))
        {
           session.setAttribute("userName", userName);

        }

         return(mapping.findForward("success"));

     }

}

And in the LogoutAction, I do session.removeAttribute("userName") and
do a session.invalidate().

The problem is whenever I press the back button of the browser, It
again goes to the page which is supposed to be shown only to user
logged in successfully. Am I doing something wicked ?

Thanks for your help/suggestions.
-
KFC