Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

need help implementing logout

 
kwame Iwegbue
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
After logging out of my application, clicking the back arrow sends the user to the previous page, but the user remains locked out. However when you get to a page that contains a form, you're presented with a dialog box that essentially re-posts the login data! How can I over ride this. I thought I had all the bases covered with the code below:


Clicking 'log out' on my application, the following code is called:



...and in the JSPs, I have this in the header:

 
Scott Selikoff
author
Saloon Keeper
Posts: 4014
18
Eclipse IDE Flex Google Web Toolkit
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You could implement a more complex session management system that creates a database entry for each active session. You could also choose to instead of invalidating the session, setting a 'disabled' flag.

There's probably some other 'cleaner' approaches although having a table that manages active sessions can be useful for tracking and management.
 
kwame Iwegbue
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you for your prompt reply Scott.

You could implement a more complex session management system that creates a database entry for each active session.


How would this work? do I save a session_id to the database and compare with each new login?
 
reddy yeruva
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i can suggest a simple javascript approach

in the logout.jsp page

after the form tage place in javascript as follows

window.history.forward(1);

so when ever you press the back page it will forward the login.jsp page.
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Try disabling the browser cache.Probably the pages getting fetched from the cache.And in the header of every page add session check.If the user is not authinticated then redirect to the login page.To disable the browser , you can use meta-link in the head tag of each of the html's.
 
Bosun Bello
Ranch Hand
Posts: 1511
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Unless you are certain no user will be accesing with an older browser, you may want to add the folowing to your JSPs.

response.setHeader("Pragma", "no-cache");
 
vishwanath nadimpally
Ranch Hand
Posts: 116
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is a nice article on how to fix the logout problem. http://www.javaworld.com/javaworld/jw-09-2004/jw-0927-logout.html
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic