aspose file tools*
The moose likes JSP and the fly likes Logout The Session Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Logout The Session" Watch "Logout The Session" New topic
Author

Logout The Session

Ashok Haluvarthi
Greenhorn

Joined: Jul 04, 2002
Posts: 13
Hello All,
I have one problem in maintaining session and removing session.
when i press logout button it has to close the session here if i press Back button or Forward button it has to say that session has beeen closed pls login once again
These r the files
Index.html
html>
<body>
<form action=first.jsp method="post">
<pre><center><p> </p><p> </p><p> </p><p> </p>
UserName:<input type=text name=un><br>
Password:<input type=password name=pw><br>
<input type=Submit name=Login value=Login>
</form>
</body>
</html>
first.jsp
<html>
<title>Test</title>
<head>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</head>
<body background="back_right.gif">

<%
String u_name="";
String p_word="";

u_name=request.getParameter("un");
p_word=request.getParameter("pw");
session.setAttribute("USERNAME",u_name);
session.setAttribute("PASSWORD",p_word);
String un =(String)session.getAttribute("USERNAME");
String pw =(String)session.getAttribute("PASSWORD");



%>
<% if (un.equals("ravi")&& pw.equals("ravi")) {
%>
<jsp:include page="second.jsp" />
<% }else out.println("Hello"); %>
<%
%>
</body>
</html>
second.jsp
<html>
<head>
<title></title>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</head>
<body >

<%
String UN=(String)session.getAttribute("USERNAME");
String PW=(String)session.getAttribute("PASSWORD");

if (UN.equals("ravi")&& PW.equals("ravi"))
{
out.println("Hay");
}else
out.println("Hello");
%>
<center>
The values of session are
<%= UN %>
<%= PW %>
<form action="logout.jsp" method="post">
<input type=submit value=Logoff>
</form>
</body>
</html>
logout.jsp
<HTML>
<HEAD>
</HEAD>
<BODY onunload="JavaScript:writeCookies(1)">
<%
session.removeAttribute("USERNAME");
session.removeAttribute("PASSWORD");
if(session.equals(""))
{
response.sendRedirect("index.html");
}
%>
</BODY>
</HTML>
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12769
    
    5
You really should use the invalidate() method to discard the session. That will ensure that the previous login is totally gone. The code

is totally meaningless since a session will never equal a String.
Bill
Vedhas Pitkar
Ranch Hand

Joined: Jan 27, 2001
Posts: 445
Yep, & maybe u could check if(UN==null) which means no user name(out-of-seesion) & add the following code to all ur .jsp pages :-
<%
response.setHeader("cache-control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader("Expires",0);
%>
This thing is working for me even with the Back Button
James Carman
Ranch Hand

Joined: Feb 20, 2001
Posts: 580
Originally posted by Vedhas Pitkar:
Yep, & maybe u could check if(UN==null) which means no user name(out-of-seesion) & add the following code to all ur .jsp pages :-
<%
response.setHeader("cache-control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader("Expires",0);
%>
This thing is working for me even with the Back Button

I would not suggest that you add the code to all of your .jsp pages. This is a maintenance nightmare! I would suggest using a Filter to add the headers. This way, you avoid the headache of doing a search/replace if you ever want to change this functionality.


James Carman, President<br />Carman Consulting, Inc.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Logout The Session