• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

logout issue

 
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all ,

I am working on online application where I have to implement the logout funtionality.
I have written code for logout, in which it removes the session availables.

Once I do logout I go the logout jsp which is fine. But, when I do browser back it shows me the previous screen which I am not
interested.Instead of that I should see again logout page. I have written some code to cache and refresh the page but it does not work.

Thanks in advance for your kind help.

Rahul

 
Ranch Hand
Posts: 88
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
How are you forwarding the control to logout.jsp
 
Greenhorn
Posts: 27
Tomcat Server Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If the logout is done using form submit on the front end, then it should take care of back button click. (Clicking on back button of browser will ask user to resend the information.)

The other thing that you can do is, on all the application pages, you can check for session variables and if they are invalid redirect user to login page.

Ideally when user will click back button, he/she should be taken to login page instead of logout.
 
Ranch Hand
Posts: 672
4
Eclipse IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This is due to the caching problem, your browser is displaying the cached page..use no-cache in JSP.. this should solve the problem..
 
Rahul Ba
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I am forwarding to log out page by using following line

<a class="topNav" href="<%=request.getContextPath()%>/logout.html">Logout

Already, I do have following code in all jsp. but still when do browser back it shows me cached page.

response.setHeader("Pragma", "No-cache");
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Cache-Control", "must-revalidate");


Thanks once again

Rahul
 
Naveen puttu
Ranch Hand
Posts: 88
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Rahul Ba wrote:
I am forwarding to log out page by using following line

<a class="topNav" href="<%=request.getContextPath()%>/logout.html">Logout

Already, I do have following code in all jsp. but still when do browser back it shows me cached page.

response.setHeader("Pragma", "No-cache");
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Cache-Control", "must-revalidate");


Thanks once again

Rahul



Why dont you try using this



The forward method of RequestDispatcher will forward the ServletRequest and ServletResponse that it is passed to the path that was specified in getRequestDispatcher(String path). The response will not be sent back to the client and so the client will not know about this change of resource on the server. This method is useful for communicating between server resources, (servlet to servlet). Because the request and response are forwarded to another resource all request parameters are maintained and available for use. Since the client does not know about this forward on the server, no history of it will be stored on the client, so using the back and forward buttons will not work.
 
Rahul Ba
Ranch Hand
Posts: 215
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Yes, Naveen I did the same thing, but again the same thing. It did not work. It's like browser keeps the page in session and that is shown to us.
Please let me know your opinion.

Rahul
 
Naveen puttu
Ranch Hand
Posts: 88
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Rahul Ba wrote:
Yes, Naveen I did the same thing, but again the same thing. It did not work. It's like browser keeps the page in session and that is shown to us.
Please let me know your opinion.

Rahul




Can you post your code in here . And BTW you may want to invalidate the session . That Should help and add a check for invalidated session and see what you want to do about it (Just a work around if you approaching deadlines).

post your code in here anywayz
 
Ranch Hand
Posts: 329
Eclipse IDE Oracle Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Invalidating the session is the best practice while logout and that is the way it should be.
The response header part mention previously should be actualy be done for all the JSPs since the the content sits in the browser cache.
Anyways its still an open issue, you can see all bank sites even to have "Please close the window" for security reasons.
for now, if the the page alone is your concern you can redirect the user to the same page.
 
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Try adding the following to your page so that the browser will not cache the page:

<META HTTP-EQUIV="Expires" CONTENT="Tue, 01 Jan 1980 1:00:00 GMT">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
 
Ranch Hand
Posts: 41
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I believe that all the above solutions put together, you should not be facing the problem you were facing earlier.
If you still have the same problem, then probably the only explanation is that you need to clear your browser's contents.
Try removing the cookies, offline content, etc. or maybe try using another browser.

P.S. Please use code tags to abide by these practices.
Thank you,
Ashutosh.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic