Invalidating session in struts
Typically, however, the behaviour depends on hints the browser receives from the server whenever it requests a page.
We will be using JSF view for login, DAO object , Http Session for session management, JSF managed bean and mysql database. Note that database operations code is not optimized to be used in a real project, I wrote it as quickly as possible because the idea is to learn authentication in JSF applications.
By default, a browser will do its best to cache pages and avoid fetching fresh copies, so it can display them more quickly when asked to do so.
To prevent the user from seeing stale data when they hit the back button, you need to tell their browser not to cache the page.
Specifically, you need to set the With this set, responses from your Struts application will include the cache-control headers and the browser will never cache them.
As a result, when the user hits the 'back' button, the browser will always request a fresh copy of the page and will never be presented with a cached, stale copy.