Session not getting destroyed on Logout


#1

Hi,
I’m trying to destroy session when user clicks logout in
rails…Here is the code:

def logout
reset_session
redirect_to
CASClient::Frameworks::Rails::Filter.client.logout_url
(request.referer, url_for (:controller => ‘site’, :action =>
‘myportal’))
end

However, when I click the back button, it shows me the page with all
information. If the session is destroyed, it should not display the
page, right?

What could be the issue?

Appreciate any help!!

Thanks!


#2

On Dec 10, 10:22 pm, Jack removed_email_address@domain.invalid wrote:

However, when I click the back button, it shows me the page with all
information. If the session is destroyed, it should not display the
page, right?

What could be the issue?

Your browser’s cache

Fred


#3

The Back button is just a LOCAL browser history navigation command, if I
remember correctly.


#4

If I want to redirect the user back to the login page when back is
hit, what code do I need to put in?

Thanks!


#5

On Dec 11, 1:14 am, Jack removed_email_address@domain.invalid wrote:

If I want to redirect the user back to the login page when back is
hit, what code do I need to put in?

The problem you might find is that your server isn’t hit at all. The
browser just pulls up its cached copy of the page.

Fred


#6

Maybe a before_filter on the controller for your page that checks to see
if the user is logged in, and if not, routes them to the login page?