public class logout extends HttpServlet {
	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            process(request,response);
    }
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            process(request,response);
    }
    public void process(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		HttpSession session = request.getSession();
		session.invalidate();
		response.sendRedirect("index.jsp");
	}
}

session is still alive!!!

well u could logout by using these methods
1) using the session.invalidate();
2) restricting the user from using the login details (when using the back button) by refreshing the page.
3) Using the sessionAccessTime.........

The first method does get you out of the session ............
provided you have used the session='true' [for jsp pages]
or HttpSession s=request.getSession(true) [in servlet this code works in the jsp in <% %>tag]
in the first page and using false in the rest of the pages as it wont create the new sessions..................

but this method is ineffective as the browser has a back button.................

if you want to know more about doing a proper logout you can write to me

well u could logout by using these methods
1) using the session.invalidate();
2) restricting the user from using the login details (when using the back button) by refreshing the page.
3) Using the sessionAccessTime.........

The first method does get you out of the session ............
provided you have used the session='true' [for jsp pages]
or HttpSession s=request.getSession(true) [in servlet this code works in the jsp in <% %>tag]
in the first page and using false in the rest of the pages as it wont create the new sessions..................

but this method is ineffective as the browser has a back button.................

if you want to know more about doing a proper logout you can write to me

I had read what you have discussed here. I am facing same problem what you had. If any suggestion or help that will be appreciated.

I had read what you have discussed here. I am facing same problem what you had. If any suggestion or help that will be appreciated.

is to session.setAttribute(null,"sessionname");
Comments
Nice to see you come back and reply to old thread

session.invalidate(); will do the job.....we should have conditions to check if the session-attributes are present in every page except the login page....


or session.removeAttribute(); will also do the job...if you remove all the attributes...:)

you dont know anything where is the code?
next be more clear.

Next time please make sure that you do not reopen old thread when you do not have anything valid to say.

This article has been dead for over six months. Start a new discussion instead.