You can't handle the back button of the browser, since it is a client-side
event. There are some alternatives though...
You could check for a valid session on the page that could be "backed" into
and if there isn't redirect the user to the logged out page.
You could set the page being backed into to expire immediately, so that when
a user backs into it, they get a page expired message, rather than the page.
"GMK" <georgeskaddoum> wrote in message
news:eiikkaNGFHA.3732TK2MSFTNGP14.phx.gbl...> Dear all
> I'm having a probelm concerning the security of my application.
> the problem is when a user is loggoed in and then he looged out i redirect
> him to the main page of my appkication but if he clicks on the Browser's
> "back button" he could then enter to the application.
> i'm removing all sessions concerning the applcation on logout but i would
> like to know how could i handle the "Back button click event" of the
> Thanks in advance for your help/