| Author |
session invalidate
|
Aravind Prasad
Ranch Hand
Joined: Dec 28, 2005
Posts: 258
|
|
dear ranchers,
I'm doing a program in JSP and MySQL After developing it completely, i've uploaded into the remote server (Linux OS). Now i'm testing the program.
I've 3 users at present
1) Super Admin
2) Admin
3) User
When I login with SuperAdmin, I can get the privilage of all the menus.
When i logout and login as admin / user, It is loging into superadmins' page.
I've invalidated the session in the logout link and also when the page is loading. But still experiencing the same problem in Internet explorer and not in Mozilla.
The end users are using Internet Explorer and hence i want to fix the problem.
Regards
Aravind Prasad
|
 |
Deepak Bala
Bartender
Joined: Feb 24, 2006
Posts: 6588
|
|
It is loging into superadmins' page.
Perhaps you are looking at a cached page ? It might also be that your logic could be at fault. I am not sure what you mean by logging into the super admin's page. What I picture here is, you have a page - welcome.jsp and some menus are available only for super admins ? Or do you have separate pages for users and the servlet redirection logic is at fault ?
|
SCJP 6 articles - SCJP 5/6 mock exams - SCJP Mocks - SCJP 5 Mock exam (Word document ) - SCJP 5 Mock exam in Java.Inquisition format
|
|
Aravind Prasad
Ranch Hand
Joined: Dec 28, 2005
Posts: 258
|
|
Thankyou John for your reply.
let me explain the program..
There is a page called index.jsp.
There is a leftmenu where the permission to view the menu items is coming from the database. When a user don't have the permission to view the page it won't show that page also.
All the user details like - userid, firstname, lastname, main-menu setting, sub-menu setting, edit, delete permission is stored in the session.
So when i signout, i'm invalidating the session.but it is cached somewhere and when i login as another user it is bringing the one which i logged in before.. and when i press F5 key in the keyboard, it is showing the current user details.
Please help me to solve this.
regards
Aravind Prasad
|
|
Muhammad Saifuddin
Ranch Hand
Joined: Dec 06, 2005
Posts: 1318
|
|
look inside the Jsp FAQs for preventing cache.
http://faq.javaranch.com/view?NoCacheHeaders
|
Saifuddin..
[Linkedin] How To Ask Questions On JavaRanch My OpenSource
|
|
Aravind Prasad
Ranch Hand
Joined: Dec 28, 2005
Posts: 258
|
|
Dear Saif uddin,
Thanks for the reply. I tried to put this and it is also not working.. It is still giving me the same problem.
I put these code
response.setHeader( "Pragma", "no-cache" );
response.setHeader( "Cache-Control", "no-cache" );
response.setDateHeader( "Expires", 0 );
after the session.invalidate() it is not working.
May be you can tell me the correct place where i can add this piece of code for my program to be perfect.
Please advise me.
REgards
Aravind Prasad
|
|
Sunil Vasudevan
Ranch Hand
Joined: Mar 05, 2007
Posts: 107
|
|
Can you please attach the piece of code that you use to identify the user role? If you are using session.invalidate(), it is unlikely that any value will be retrieved from the session object again. It is supposed to throw IllegalStateException if any method is called on an invalidated session.
It is possible that your code has a logical bug.
|
Sunil.V<br />SCJP2, SCWCD1.4, SCBCD1.3
|
|
 |
|
|
subject: session invalidate
|
|
|
0
