|
| ||
| logout problem hi, i'm trying to build a web page which permits the user to login before accessing the contents of the site. the login works fine (i did it using jsp), but i am not able to logout properly, that is, when i click on a "logout" hyperlink, it sends me to the proper page, but when i do "back" on my explorer, it gives me the previous page again. so my logout is pointless. can anyone tell me how to prevent this from happening please?i don't know if i should use jsp, javascript or html to do this. i need this urgently for my project. thanks for replying as quickly as possible. |
| ||
| Re: logout problem I assume your login assigns a session. If so, than on logout do session.invalidate() Pushing back on the browser may still show the site but it should only be a version of the site in the cache. If the user tries to actually submit anything, or reload the site, it should not work. |
| ||
| Re: logout problem Quote:
is session secure?if you have a working piece of code using session can you send me please?i need this urgently for my project. thanks for your help! |
| ||
| Re: logout problem on the login page, you create a session as follows: HttpSession session = request.getSession(true); this will create a session if none exists. During the rest of the users activities, all other pages should use the following: HttpSession session = request.getSession(false); This will return null if there is no valid session. So check for this. If anything happens (i.e. the login fails or you go to the logout page), do the following: session.invalidate(); This will invalidate the session so that further getSession calls using false return null. This is the basic session process/life cycle. The login itself, you can still do yourself, and if it fails, just invalidate the session, as mentioned above. If it succeeds, then continue with the site, and on the logout page, invalidate the session again. |
| ||
| Re: logout problem Quote:
i just have to put it between <% %> at the start of the page right? well its giving me the error: duplicate session variable. am very new to jsp, sorry if i seem a bit dumb ;) |
| ||
| Re: logout problem First you check for the User name and password submitted from the login page , after validating the values submitted by the user , set a flag if the user is valid (successful login) Like session.setAttribute("flag","true"); then put a condition down to forward the page . your logout button should take you to the page where session.invalidate(); get called now your logout function should happen l |
| ||
| Re: logout problem Hi to all. I have tried the code: session.invalidate(); But still i am able to archive my solution. When i click back button. Its still going to the previous page. Plz any one can help me on this. Advance thanks. |
| ||
| Re: logout problem Have you tried "reloading" that page, or is it simply a static version cached by the browser? If you are able to "reload" the page, then I am willing to bet that you are using getSession(true) to retrieve the session (in which case you are creating a new session if one does not already exist). The static, cached page you can't really do anything about (from the server). You can set response headers and pragmas (Google no-cache and expires) to try and prevent it, but the browser does not have to follow these. Or you can use some JavaScript to play with the history, but the browser may have this deactivated. |
| ||
| Re: logout problem Hi Masijade thanks for your reply. I am using only an static page. I want to use only userName and password fields only as you can see some mailling websites. How can i get that? Plz can you help me. |
| All times are GMT -4. The time now is 1:59 pm. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC