This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes JSP and the fly likes Maintaining sessions Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Maintaining sessions" Watch "Maintaining sessions" New topic
Author

Maintaining sessions

Sonam Zam
Greenhorn

Joined: Apr 18, 2007
Posts: 9
hi friends i have created a web application using netbeans 6.0

When a user loggs in the data is sent from Login page to a servlet which in turn communicates with a bean. if the user id and password are valid the servlet creates a session and sets the attribute as follows

HttpSession session = request.getSession();
session.setAttribute("uname",uname);

And forwarding it to a new jsp called Welcome.jsp . and on Welcome.jsp i am checkin the attribute value from session object.
Now on Welcome.jsp if i press back (on browser) my Login page is displayed. and then if i press forward button (on browser) the Welcome.jsp is displayed even if the user id and password is not entered. How do i handle the sessions?
Syed Saifuddin
Ranch Hand

Joined: Sep 01, 2003
Posts: 130
Hi Sonam Zam

write small java code on the login page that invalidate the whole session.


Thank You & Best Regards,

Syed Saifuddin,
Senior Software Engineer

SAP Oracle AIX & Java Training
http://www.socialinet.com
 
 
subject: Maintaining sessions
 
Similar Threads
Preventing url hacking in a Spring/Struts application
New question on SERVLET filter
Authontication module not properly working
problem using requestdispatcher interface
Pass session from JSP to servlet?