It's not a secret anymore!
The moose likes JSP and the fly likes session invalidate Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "session invalidate" Watch "session invalidate" New topic

session invalidate

Aravind Prasad
Ranch Hand

Joined: Dec 28, 2005
Posts: 265
dear ranchers,
I'm doing a program in JSP and MySQL After developing it completely, i've uploaded into the remote server (Linux OS). Now i'm testing the program.

I've 3 users at present
1) Super Admin
2) Admin
3) User

When I login with SuperAdmin, I can get the privilage of all the menus.
When i logout and login as admin / user, It is loging into superadmins' page.

I've invalidated the session in the logout link and also when the page is loading. But still experiencing the same problem in Internet explorer and not in Mozilla.

The end users are using Internet Explorer and hence i want to fix the problem.


Aravind Prasad
Deepak Bala

Joined: Feb 24, 2006
Posts: 6662

It is loging into superadmins' page.

Perhaps you are looking at a cached page ? It might also be that your logic could be at fault. I am not sure what you mean by logging into the super admin's page. What I picture here is, you have a page - welcome.jsp and some menus are available only for super admins ? Or do you have separate pages for users and the servlet redirection logic is at fault ?

SCJP 6 articles - SCJP 5/6 mock exams - More SCJP Mocks
Aravind Prasad
Ranch Hand

Joined: Dec 28, 2005
Posts: 265
Thankyou John for your reply.
let me explain the program..

There is a page called index.jsp.
There is a leftmenu where the permission to view the menu items is coming from the database. When a user don't have the permission to view the page it won't show that page also.

All the user details like - userid, firstname, lastname, main-menu setting, sub-menu setting, edit, delete permission is stored in the session.

So when i signout, i'm invalidating the session.but it is cached somewhere and when i login as another user it is bringing the one which i logged in before.. and when i press F5 key in the keyboard, it is showing the current user details.

Please help me to solve this.


Aravind Prasad
Muhammad Saifuddin
Ranch Hand

Joined: Dec 06, 2005
Posts: 1323

look inside the Jsp FAQs for preventing cache.

[Blog][Linkedin] How To Ask Questions On JavaRanch My OpenSource
Aravind Prasad
Ranch Hand

Joined: Dec 28, 2005
Posts: 265
Dear Saif uddin,
Thanks for the reply. I tried to put this and it is also not working.. It is still giving me the same problem.

I put these code

response.setHeader( "Pragma", "no-cache" );
response.setHeader( "Cache-Control", "no-cache" );
response.setDateHeader( "Expires", 0 );

after the session.invalidate() it is not working.

May be you can tell me the correct place where i can add this piece of code for my program to be perfect.

Please advise me.


Aravind Prasad
Sunil Vasudevan
Ranch Hand

Joined: Mar 05, 2007
Posts: 107
Can you please attach the piece of code that you use to identify the user role? If you are using session.invalidate(), it is unlikely that any value will be retrieved from the session object again. It is supposed to throw IllegalStateException if any method is called on an invalidated session.

It is possible that your code has a logical bug.

Sunil.V<br />SCJP2, SCWCD1.4, SCBCD1.3
I agree. Here's the link:
subject: session invalidate
jQuery in Action, 3rd edition