• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Application Not signing out Authenticate customers

 
somu muthaiah
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Am basically new to Struts 2. I have a complex situation here..If you guys can help me it would be great !! :rolleyes:

I have a client server Application. below is the actual scenario.

The application is not signing authenticated customers out of the application when the "x" is clicked in the top right of the browser to close the browser. If customer "A" authenticates in the app and then closes the browser using the "x" and then customer "B" navigates to the application on the same computer, the application is automatically authenticating and treating customer "B" as if they were customer "A" . The application needs to be fixed so that anytime the “x” on the browser is used to close it, all authenticated information is cleared from memory.

I tried to capture the window close event by using onUnload event but to my dismay the function triggers when the page is refreshed or navigated. Tried to capture by mouse posistion but again dosent work when it is closed by "Alt F4" or the window size is small..

Will Token-Session interceptor of struts2 be useful to solve this issue as it stops multiple request from same session. please help me out guys, am totally confused? :confused:
 
Ankit Garg
Sheriff
Posts: 9519
22
Android Google Web Toolkit Hibernate IntelliJ IDE Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When you said that you press of the "x" (close) button did you mean the browser or tab?? If you close the browser window completely, the session cookie is deleted from the browser (by default the JSESSIONID cookie's life is -1 i.e. till the browser window is open). This question has been asked before like here. Token session won't be of much help as its only useful to prevent double submission of a form...
 
somu muthaiah
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Ankit for your reply !

In case of Firefox, if we open two browser windows simultaneously and sign in to the application in one window, the cookies are getting shared with the other window also. so closing the particular window (with 'x') alone will not delete the JSESSIONID and so the problem persists as the cookie is alive in the other window

In case of IE, I meant when we close the Tab, the problem occurs.

And It would be really helpful if you could elaborate why token session will not be a good hand here?.

And Is there any other way to solve this other than using onUnload to capture the close event as it has its own set of drawbacks.??
 
somu muthaiah
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Any Help guys ??
 
David Newton
Author
Rancher
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This has nothing to do with Struts--this is just how browsers work.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic