i've created a HttpSession,
HttpSession sess = req.getSession();
Now using the ServletContext, i'm passing the value of the Session by using the getId(); tru the application. But wheni click on logout, the page redirects to the specified URL, and i've also used the invalidate() method, but the session still is active. If the user uses the back button of the browser the clicks on any other link, it still works. technically it shud trow a msg saying that the " you have been logged out"... here is the code of the LogoutServlet.

HttpSession seescurrent = req.getSession();

so am i doing sumthing wrong in logout. please help me to use the logout code properly..