Session invalidate

[Bihari Bela <bi...@softech.ro>]

Hi I am making a user managment system for a project. The problem i am facing is that first how can i make a system in which every page should be authenticated by server. And when user sign out then how to delte enteries from browser's back and forward buttons. Currently i am using cookies and session objects in fact i store user name and password in cookies and session at the same time when ever a request came i chack wheather the user name in session and cookie is same or not if yes then user log in successfuly. When user sign out i simply invalidate the session but this thing disable the hyper links but it have no effect on browser's back and forward button he can easily go anywhere. And also please tell me that if this problem can be solved by disabling the content caching at client, if yes then how to disable the content caching at client. Please give me suggestions keeping yahoo's system as model.Coz yahoo does the same thing as i want to do. Please reply me soon i am waiting anxiously. Bye