This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
Am basically new to Struts 2. I have a complex situation here..If you guys can help me it would be great !! :rolleyes:
I have a client server Application. below is the actual scenario.
The application is not signing authenticated customers out of the application when the "x" is clicked in the top right of the browser to close the browser. If customer "A" authenticates in the app and then closes the browser using the "x" and then customer "B" navigates to the application on the same computer, the application is automatically authenticating and treating customer "B" as if they were customer "A" . The application needs to be fixed so that anytime the “x” on the browser is used to close it, all authenticated information is cleared from memory.
I tried to capture the window close event by using onUnload event but to my dismay the function triggers when the page is refreshed or navigated. Tried to capture by mouse posistion but again dosent work when it is closed by "Alt F4" or the window size is small..
Will Token-Session interceptor of struts2 be useful to solve this issue as it stops multiple request from same session. please help me out guys, am totally confused? :confused:
When you said that you press of the "x" (close) button did you mean the browser or tab?? If you close the browser window completely, the session cookie is deleted from the browser (by default the JSESSIONID cookie's life is -1 i.e. till the browser window is open). This question has been asked before like here. Token session won't be of much help as its only useful to prevent double submission of a form...
In case of Firefox, if we open two browser windows simultaneously and sign in to the application in one window, the cookies are getting shared with the other window also. so closing the particular window (with 'x') alone will not delete the JSESSIONID and so the problem persists as the cookie is alive in the other window
In case of IE, I meant when we close the Tab, the problem occurs.
And It would be really helpful if you could elaborate why token session will not be a good hand here?.
And Is there any other way to solve this other than using onUnload to capture the close event as it has its own set of drawbacks.??