aspose file tools
The moose likes JSP and the fly likes Session handling in structs framework Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of Arduino in Action this week in the General Computing forum!

A special promo: Enter your blog post or vote on a blogger to be featured in an upcoming Journal
JavaRanch » Java Forums » Java » JSP
Reply Bookmark "Session handling in structs framework" Watch "Session handling in structs framework" New topic
Author

Session handling in structs framework

Madmax
Greenhorn

Joined: Nov 13, 2002
Posts: 6
posted private message
0
Quote
Hi All,
We are using session cookies to maintain user information. We have a 'Logout' button, when clicked will call session.invalidate(); method to close the session.
The question is if the user clicks on the back button and clicks on the logout button again, the server throws the following jasper exception.
Error:
javax.servlet.jsp.JspException: No bean found under attribute key UserSessionObj
javax.servlet.jsp.JspException: No bean found under attribute key UserSessionObj
at org.apache.struts.taglib.logic.CompareTagBase.condition(CompareTagBase.java:222)
at org.apache.struts.taglib.logic.EqualTag.condition(EqualTag.java:90)
at org.apache.struts.taglib.logic.ConditionalTagBase.doStartTag(ConditionalTagBase.java:218)
at org.apache.jsp.plainHeader_jsp._jspx_meth_logic_equal_0(plainHeader_jsp.java:127)
at org.apache.jsp.plainHeader_jsp._jspService(plainHeader_jsp.java:87)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:136)
We are using struts framework. The web.xml has a listener class which has the session object. How do we make changes for it to recognise the session is invalid and redirect to ./login.jsp?
web.xml content:
<listener>
<listener-class>
com.user.UserSessionObj
</listener-class>
</listener>
If anyone knows how to handle this, we would appreciate it.
Thanks in advance.
Madmax
Marilyn de Queiroz
Sheriff

Joined: Jul 22, 2000
Posts: 9033
    
  10
posted private message
0
Quote
Hi Madmax,

Welcome to JavaRanch! Please adjust your display name to meet the JavaRanch Naming Policy.
You can change it here.

Thanks!

JavaBeginnersFaq
"Yesterday is history, tomorrow is a mystery, and today is a gift; that's why they call it the present." Eleanor Roosevelt
saager mhatre
Ranch Hand

Joined: Dec 20, 2000
Posts: 61
posted private message
0
Quote
That's basically because you're trying to invalidate a session that doesn't exist (because you just invalidated it!). You need to expire your logout page so that it cannot be accessed by using the back button on the browser.
Ravi Kumar Ravuru
Ranch Hand

Joined: Apr 18, 2002
Posts: 176
posted private message
0
Quote
Hello Madmax,
In each jsp page,check for the session object,if it is null,redirect the page to login.jsp.If the user clicks the back button,as the session value is null,it will be redirected to login page.Hope it may help u.
Ravi
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Session handling in structs framework
 
Similar Threads
Session Invalidation and Timeout !
Session Handling
logic:equal tag
Srping+Hibernate bad configurated causing huge memory consumption
Remove managed bean from session