How to logout!!!

public class logout extends HttpServlet {
	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            process(request,response);
    }
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            process(request,response);
    }
    public void process(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		HttpSession session = request.getSession();
		session.invalidate();
		response.sendRedirect("index.jsp");
	}
}

session is still alive!!!

samlabs821

Newbie Poster

17 posts since May 2008

Reputation Points: 29

Solved Threads: 0

4 Years Ago

0

no. But when you go to that JSP you immediately create a new session :)

jwenting

duckman

Team Colleague

8,392 posts since Nov 2004

Reputation Points: 1,662

Solved Threads: 337

4 Years Ago

0

can you give an example?

samlabs821

Newbie Poster

17 posts since May 2008

Reputation Points: 29

Solved Threads: 0

4 Years Ago

0

well u could logout by using these methods
1) using the session.invalidate();
2) restricting the user from using the login details (when using the back button) by refreshing the page.
3) Using the sessionAccessTime.........

The first method does get you out of the session ............
provided you have used the session='true' [for jsp pages]
or HttpSession s=request.getSession(true) [in servlet this code works in the jsp in <% %>tag]
in the first page and using false in the rest of the pages as it wont create the new sessions..................

but this method is ineffective as the browser has a back button.................

if you want to know more about doing a proper logout you can write to me

rexlee84

Newbie Poster

1 post since May 2008

Reputation Points: 10

Solved Threads: 0

2 Years Ago

0

well u could logout by using these methods 1) using the session.invalidate(); 2) restricting the user from using the login details (when using the back button) by refreshing the page. 3) Using the sessionAccessTime.........

The first method does get you out of the session ............ provided you have used the session='true' [for jsp pages] or HttpSession s=request.getSession(true) [in servlet this code works in the jsp in <% %>tag] in the first page and using false in the rest of the pages as it wont create the new sessions..................

but this method is ineffective as the browser has a back button.................

if you want to know more about doing a proper logout you can write to me

I had read what you have discussed here. I am facing same problem what you had. If any suggestion or help that will be appreciated.

shardaprasad001

Newbie Poster

1 post since Apr 2009

Reputation Points: 10

Solved Threads: 0

2 Years Ago

Show Comments

1

I had read what you have discussed here. I am facing same problem what you had. If any suggestion or help that will be appreciated.

is to session.setAttribute(null,"sessionname");

samlabs821

Newbie Poster

17 posts since May 2008

Reputation Points: 29

Solved Threads: 0

2 Years Ago

0

session.invalidate(); will do the job.....we should have conditions to check if the session-attributes are present in every page except the login page....

or session.removeAttribute(); will also do the job...if you remove all the attributes...:)

itian_naeem

Newbie Poster

1 post since Oct 2009

Reputation Points: 10

Solved Threads: 0

2 Years Ago

Show Comments

-2

you dont know anything where is the code?
next be more clear.

puar143

Newbie Poster