Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

session invalid problem

 
Gona Chakrabarti
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am doing a j2ee project.In that proj to access the inner page user have to login.In login Servlet we create a session



String u=request.getParameter("uid");
String p=request.getParameter("pass");

User u1=new User();
u1.setId(Integer.parseInt(u));
u1.setPass(p);


Login l1=new Login();

if(l1.loginRequest(u1))
{
u1=l1.getName(u1);
u1.setPass("xxxxx");
session=request.getSession(true);
session.setMaxInactiveInterval(10*60);
session.setAttribute("USER",u1);
request.getRequestDispatcher("service.jsp").forward(request,response);

}
else
{
request.setAttribute("ERROR","Login Unsuccessful");
request.getRequestDispatcher("login.jsp").forward(request,response);
}


Next ,In each jsp page I check this session


<%
if((User)session.getAttribute("USER")==null )
{
request.getRequestDispatcher("login.jsp").forward(request,response);
}
%>

and I have a jsp page logout.jsp .If user click the link of this page then the session will be invalided

<body>
<% session=request.getSession(true);
session.invalidate();
response.sendRedirect("http://localhost:8080/MESS2/index.html");
%>
</body>

But the problem is First time when server is running no session is created then if I put the url in address bar of the browser then it redirect to login page but when I login and
then logout and then put the url in browser address bar that time it is not redirected to login page ,it goes that page. session created by the user is still exists.
But after logout I can't want to give the chanse to user to visit the inner page.
 
Shailesh Narkhede
Ranch Hand
Posts: 368
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Browser might showing you page cached by browser. are you accessing session object in page that you are trying to access after logout? if yes that will give you exception.
 
Gona Chakrabarti
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I not getting your point .How it will give exception.If I access a session if it is not present then a new session will be created.But how can i check login or logout
state.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64824
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please be sure to use code tags when posting code to the forums. Unformatted or unindented code is extremely hard to read and many people that might be able to help you will just move along to posts that are easier to read. Please click this link ⇒ UseCodeTags ⇐ for more information.

Properly indented and formatted code greatly increases the probability that your question will get quicker, better answers.
 
Hebert Coelho
Ranch Hand
Posts: 754
Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello, Gona.

As Bear Bibeault said, put your codes inside the code tag.

Try change your code, from to
About getSession():
1) The default is true, so, getSession() do the same as getSession(true) ;
2) If there is no session, with the true parameter you will always get a new session.
3) With false as parameter, you will get null if there is no session.
4) User filter instead Scriplet. There is a link in my signature that might help you with that.
 
Gona Chakrabarti
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Gona Chakrabarti wrote:I am doing a j2ee project.In that proj to access the inner page user have to login.In login Servlet we create a session





Next ,In each jsp page I check this session




and I have a jsp page logout.jsp .If user click the link of this page then the session will be invalided


But the problem is First time when server is running no session is created then if I put the url in address bar of the browser then it redirect to login page but when I login and
then logout and then put the url in browser address bar that time it is not redirected to login page ,it goes that page. session created by the user is still exists.
But after logout I can't want to give the chanse to user to visit the inner page.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic