The back button doesn't cause a postback, the page is just retrieved from the browsers cache. You will have to set the page to expire as soon as you send it. This way, the back button should force a postback. Sorry, I'm not 100% sure how to do this. It has to do with setting the expire on the Httpheader part of the page.
However, you should really let forms authenticaion take care of this for you rather than doing a redirect based on a session. Here is a basic article on how to set this up:
http://www.15seconds.com/issue/020220.htmHTH,
BOb
>Dear All
>I have 3 webforms:
>
>- login.aspx
>- mainform.aspx
>- logout.aspx
>
>In my web.config:
>
>sessionState
> mode="InProc"
> stateConnectionString="tcpip=127.0.0.1:42424"
> sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
> cookieless="false"
> timeout="25"
>
>in login.aspx, I put session control as follow:
>
>mUserId = "TEST"
>Session("WebLogMemberID") = mUserId
>
>in the page_load event of mainform.aspx I put session control as follow:
>
>If Len(Trim(Session("WebLogMemberID"))) = 0 Then
> Response.Redirect("login.aspx")
>End If
>
>means if user has no passed the login screen then he/she will kicked back to login.aspx ..
>
>in the page_load event of logout.aspx, I put as follow:
>
>Session("WebLogMemberID") = ""
>
>but when user click "Back" button .. it will not automatically bring user to login.aspx except I have to press F5 for refresh page manually .. please advise and many thanks in advance
>
>Regards
>Winanjaya