Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Logout Problem.... Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Logout Problem...." Watch "Logout Problem...." New topic
Author

Logout Problem....

toukhir mujawar
Ranch Hand

Joined: Oct 11, 2006
Posts: 70
Friends how should i invalidate the authentication that i have done through Tomcat Server......that is using file based realm......

The code for Logout Servelet


public void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {response.setContentType(CONTENT_TYPE);
HttpSession session = request.getSession();

session.invalidate();

RequestDispatcher rd= request.getRequestDispatcher("/Login.jsp");
rd.forward(request,response);
}


this is the code that i have written for Logout...the problem is i have not invalidated the authentication....

please help me ... what should i add to this code?
Deepak Bala
Bartender

Joined: Feb 24, 2006
Posts: 6661
    
    5

Looks like you have invalidated the session - session.invalidate();

What do mean by invalidating the authentication ?


SCJP 6 articles - SCJP 5/6 mock exams - More SCJP Mocks
toukhir mujawar
Ranch Hand

Joined: Oct 11, 2006
Posts: 70
once the user get authenticated he enters into the protected area....

i want to make the user come out of protected area....but the problem is i cant refer to the Login page directly...

thats why i need to end the authentication ...that is what i mean to say by invalidating authentication...
Dilshan Edirisuriya
Ranch Hand

Joined: Apr 22, 2006
Posts: 299
You need authentication to access some resources. After invalidating the session the session is no longer valid. So there is no need for you to do what you say. Correct me if I'm wrong. Your quesion is not clear.


Dilshan Edirisuriya SCJP1.4, SCWCD1.4, SCBCD 5
toukhir mujawar
Ranch Hand

Joined: Oct 11, 2006
Posts: 70
my problem is when i click Logout it shows Login page nad when i try to Login the following error message is fired...


HTTP Status 400 - Invalid direct reference to form login page

--------------------------------------------------------------------------------

type Status report

message Invalid direct reference to form login page

description The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).


--------------------------------------------------------------------------------

Apache Tomcat/5.5.6


can you suggest me what should i do?
Sreeraj G Harilal
Ranch Hand

Joined: Apr 19, 2006
Posts: 310
toukhir mujawar, please check this link
Session Invalidate


SCJP 5.0<br />SCWCD 1.4<br />Preparing for <b>SCEA</b>.<br /><b>"I prefer an interesting vice to a virtue that bores."</b>
toukhir mujawar
Ranch Hand

Joined: Oct 11, 2006
Posts: 70
I have already checked that link...

that is not sufficient for me..it might be for you...

i m already following that...
<%page session=false%>

but your authentication is application based and my authentication is containere based....

now you tell me how should i come out of this problem...
Sreeraj G Harilal
Ranch Hand

Joined: Apr 19, 2006
Posts: 310
Can you put the complete code like i did.
If you put the complete code including DD part we will get an idea about your problem.
Why you are hesitating to put the whole code here?
do it as early as possible
toukhir mujawar
Ranch Hand

Joined: Oct 11, 2006
Posts: 70
Code for Login page



<%@ page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<%@page session="false"%>

<html>
<head>
<title></title>
</head>
<body style="background-color:rgb(214,231,255);" >
<form name="Login" action="j_security_check" method="post">
<table width="980" height="543" border="0" cellpadding="0" cellspacing="0" class='box'>
<tr>

<td align="center"><table width="575" border="0" cellpadding="0" cellspacing="0" bordercolor="#D6E7FF">
<tr>
<td colspan='2' align="center"><table border="1" align=center cellpadding="0" cellspacing="0" bordercolor="#FF9900" frame="box" class=box>
<tr><td>Enter the User Name</td><td><input type="text" name="j_username"></td></tr>
<tr><td>Enter the Password</td><td><input type="password" name="j_password"></td></tr>
<tr><td colspan='2' align=center><input type="reset" value="Clear">            <input type="submit" value="Login"></td></tr>
</table>
<p> </p></td>
<td> </td>
</tr>
</table> </td>
</tr>
</table>
</form>
</body>
</html>



code for Logout....


public void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {response.setContentType(CONTENT_TYPE);
HttpSession session = request.getSession(false);

response.flushBuffer();
session.invalidate();

RequestDispatcher rd= request.getRequestDispatcher("/Login.jsp");
rd.forward(request,response);
}


web.xml contents....



<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
<user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
</security-constraint>

<login-config>
<auth-method>FORM</auth-method>
<realm-name>DailyCollection Authentication</realm-name>
<form-login-config>
<form-login-page>/Login.jsp</form-login-page>
<form-error-page>/ErrorLogin.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>User</description>
<role-name>
user
</role-name>
</security-role>
 
jQuery in Action, 2nd edition
 
subject: Logout Problem....
 
Similar Threads
problem with request forward
problem in logout procedure
Logout mechanism on Digest Authentication
Log out when using form based authentication
how to change URL?