Meaningless Drivel is fun!*
The moose likes JSP and the fly likes session invalid problem Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "session invalid problem" Watch "session invalid problem" New topic
Author

session invalid problem

Gona Chakrabarti
Greenhorn

Joined: Sep 22, 2010
Posts: 3
I am doing a j2ee project.In that proj to access the inner page user have to login.In login Servlet we create a session



String u=request.getParameter("uid");
String p=request.getParameter("pass");

User u1=new User();
u1.setId(Integer.parseInt(u));
u1.setPass(p);


Login l1=new Login();

if(l1.loginRequest(u1))
{
u1=l1.getName(u1);
u1.setPass("xxxxx");
session=request.getSession(true);
session.setMaxInactiveInterval(10*60);
session.setAttribute("USER",u1);
request.getRequestDispatcher("service.jsp").forward(request,response);

}
else
{
request.setAttribute("ERROR","Login Unsuccessful");
request.getRequestDispatcher("login.jsp").forward(request,response);
}


Next ,In each jsp page I check this session


<%
if((User)session.getAttribute("USER")==null )
{
request.getRequestDispatcher("login.jsp").forward(request,response);
}
%>

and I have a jsp page logout.jsp .If user click the link of this page then the session will be invalided

<body>
<% session=request.getSession(true);
session.invalidate();
response.sendRedirect("http://localhost:8080/MESS2/index.html");
%>
</body>

But the problem is First time when server is running no session is created then if I put the url in address bar of the browser then it redirect to login page but when I login and
then logout and then put the url in browser address bar that time it is not redirected to login page ,it goes that page. session created by the user is still exists.
But after logout I can't want to give the chanse to user to visit the inner page.
Shailesh Narkhede
Ranch Hand

Joined: Jul 10, 2008
Posts: 368
Hi,

Browser might showing you page cached by browser. are you accessing session object in page that you are trying to access after logout? if yes that will give you exception.


Thanks,
Shailesh
Gona Chakrabarti
Greenhorn

Joined: Sep 22, 2010
Posts: 3
I not getting your point .How it will give exception.If I access a session if it is not present then a new session will be created.But how can i check login or logout
state.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61451
    
  67

Please be sure to use code tags when posting code to the forums. Unformatted or unindented code is extremely hard to read and many people that might be able to help you will just move along to posts that are easier to read. Please click this link ⇒ UseCodeTags ⇐ for more information.

Properly indented and formatted code greatly increases the probability that your question will get quicker, better answers.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Hebert Coelho
Ranch Hand

Joined: Jul 14, 2010
Posts: 754

Hello, Gona.

As Bear Bibeault said, put your codes inside the code tag.

Try change your code, from to
About getSession():
1) The default is true, so, getSession() do the same as getSession(true) ;
2) If there is no session, with the true parameter you will always get a new session.
3) With false as parameter, you will get null if there is no session.
4) User filter instead Scriplet. There is a link in my signature that might help you with that.


[uaiHebert.com] [Full WebApplication JSF EJB JPA JAAS with source code to download] One Table Per SubClass [Web/JSF]
Gona Chakrabarti
Greenhorn

Joined: Sep 22, 2010
Posts: 3
Gona Chakrabarti wrote:I am doing a j2ee project.In that proj to access the inner page user have to login.In login Servlet we create a session





Next ,In each jsp page I check this session




and I have a jsp page logout.jsp .If user click the link of this page then the session will be invalided


But the problem is First time when server is running no session is created then if I put the url in address bar of the browser then it redirect to login page but when I login and
then logout and then put the url in browser address bar that time it is not redirected to login page ,it goes that page. session created by the user is still exists.
But after logout I can't want to give the chanse to user to visit the inner page.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: session invalid problem