Generally, browser back and forward buttons use the cache copy. So while going forward and coming back no server code is re-run. Thus it would be difficult for you to show login page if one comes back after logging in.
Alternative would be to not allow pages to be cached. This would disable/gray out the back forward button of browser. Thus, user wont be able to do back/forward.
Here you can use:
This can be easily done by
expiring the Response. The code for this in ASP.NET 2.0:
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
Response.Cache.SetNoStore();