Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: incrediBILL
If so, your best bet would be to start with NO CACHE meta tags or http headers. If you don't have control over the headers the server is sending out, then metatags would be the second best bet. Also, you might consider a secure server as most browser won't cache pages on secure servers.
An alternative is to create a popup using the onUnLoad event. Whilst this is considered naughty on the net it's normally a-ok in trusted applications, especially when it's used to call a page that will mop-up the session (log the user out).
If you're working with IE5+ you can also take advantage of the onBeforeUnLoad event to warn users that they will be logged out and given the option to cancel their action.
Problems with onUnLoad:
You would errr.. need to be using frames to do this! or every time a new page is loaded the onUnLoad event would fire for the previous page.
If you have some server scripting power you can normally listen for some kind of event that signifies the end of a session which can call a mop-up script on the server.
**Put your logout code here **
...to the Global.asa file. You can configure the timeout period in IIS under properties of the specific application (Properties > Directory Tab > Configuration Button > App Options Tab) - it usually defaults to 20 minutes (of inactivity will end the session).