aspose file tools*
The moose likes JSP and the fly likes session invalidate Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "session invalidate" Watch "session invalidate" New topic
Author

session invalidate

Aravind Prasad
Ranch Hand

Joined: Dec 28, 2005
Posts: 263
dear ranchers,
I'm doing a program in JSP and MySQL After developing it completely, i've uploaded into the remote server (Linux OS). Now i'm testing the program.

I've 3 users at present
1) Super Admin
2) Admin
3) User

When I login with SuperAdmin, I can get the privilage of all the menus.
When i logout and login as admin / user, It is loging into superadmins' page.

I've invalidated the session in the logout link and also when the page is loading. But still experiencing the same problem in Internet explorer and not in Mozilla.

The end users are using Internet Explorer and hence i want to fix the problem.

Regards

Aravind Prasad
Deepak Bala
Bartender

Joined: Feb 24, 2006
Posts: 6662
    
    5

It is loging into superadmins' page.


Perhaps you are looking at a cached page ? It might also be that your logic could be at fault. I am not sure what you mean by logging into the super admin's page. What I picture here is, you have a page - welcome.jsp and some menus are available only for super admins ? Or do you have separate pages for users and the servlet redirection logic is at fault ?


SCJP 6 articles - SCJP 5/6 mock exams - More SCJP Mocks
Aravind Prasad
Ranch Hand

Joined: Dec 28, 2005
Posts: 263
Thankyou John for your reply.
let me explain the program..

There is a page called index.jsp.
There is a leftmenu where the permission to view the menu items is coming from the database. When a user don't have the permission to view the page it won't show that page also.

All the user details like - userid, firstname, lastname, main-menu setting, sub-menu setting, edit, delete permission is stored in the session.

So when i signout, i'm invalidating the session.but it is cached somewhere and when i login as another user it is bringing the one which i logged in before.. and when i press F5 key in the keyboard, it is showing the current user details.

Please help me to solve this.

regards

Aravind Prasad
Muhammad Saifuddin
Ranch Hand

Joined: Dec 06, 2005
Posts: 1321

look inside the Jsp FAQs for preventing cache.

http://faq.javaranch.com/view?NoCacheHeaders


Saifuddin..
[Blog][Linkedin] How To Ask Questions On JavaRanch My OpenSource
Aravind Prasad
Ranch Hand

Joined: Dec 28, 2005
Posts: 263
Dear Saif uddin,
Thanks for the reply. I tried to put this and it is also not working.. It is still giving me the same problem.

I put these code

response.setHeader( "Pragma", "no-cache" );
response.setHeader( "Cache-Control", "no-cache" );
response.setDateHeader( "Expires", 0 );

after the session.invalidate() it is not working.

May be you can tell me the correct place where i can add this piece of code for my program to be perfect.

Please advise me.

REgards

Aravind Prasad
Sunil Vasudevan
Ranch Hand

Joined: Mar 05, 2007
Posts: 107
Can you please attach the piece of code that you use to identify the user role? If you are using session.invalidate(), it is unlikely that any value will be retrieved from the session object again. It is supposed to throw IllegalStateException if any method is called on an invalidated session.

It is possible that your code has a logical bug.


Sunil.V<br />SCJP2, SCWCD1.4, SCBCD1.3
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: session invalidate