aspose file tools*
The moose likes Servlets and the fly likes logout issue Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "logout issue" Watch "logout issue" New topic
Author

logout issue

Rahul Ba
Ranch Hand

Joined: Oct 01, 2008
Posts: 205
Hi all ,

I am working on online application where I have to implement the logout funtionality.
I have written code for logout, in which it removes the session availables.

Once I do logout I go the logout jsp which is fine. But, when I do browser back it shows me the previous screen which I am not
interested.Instead of that I should see again logout page. I have written some code to cache and refresh the page but it does not work.

Thanks in advance for your kind help.

Rahul

Naveen puttu
Ranch Hand

Joined: Sep 15, 2009
Posts: 88
How are you forwarding the control to logout.jsp
parampreet sethi
Greenhorn

Joined: Aug 03, 2009
Posts: 27

If the logout is done using form submit on the front end, then it should take care of back button click. (Clicking on back button of browser will ask user to resend the information.)

The other thing that you can do is, on all the application pages, you can check for session variables and if they are invalid redirect user to login page.

Ideally when user will click back button, he/she should be taken to login page instead of logout.


Param
Prasad Krishnegowda
Ranch Hand

Joined: Apr 25, 2010
Posts: 537

This is due to the caching problem, your browser is displaying the cached page..use no-cache in JSP.. this should solve the problem..
Rahul Ba
Ranch Hand

Joined: Oct 01, 2008
Posts: 205

I am forwarding to log out page by using following line

<a class="topNav" href="<%=request.getContextPath()%>/logout.html">Logout

Already, I do have following code in all jsp. but still when do browser back it shows me cached page.

response.setHeader("Pragma", "No-cache");
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Cache-Control", "must-revalidate");


Thanks once again

Rahul
Naveen puttu
Ranch Hand

Joined: Sep 15, 2009
Posts: 88
Rahul Ba wrote:
I am forwarding to log out page by using following line

<a class="topNav" href="<%=request.getContextPath()%>/logout.html">Logout

Already, I do have following code in all jsp. but still when do browser back it shows me cached page.

response.setHeader("Pragma", "No-cache");
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Cache-Control", "must-revalidate");


Thanks once again

Rahul


Why dont you try using this



The forward method of RequestDispatcher will forward the ServletRequest and ServletResponse that it is passed to the path that was specified in getRequestDispatcher(String path). The response will not be sent back to the client and so the client will not know about this change of resource on the server. This method is useful for communicating between server resources, (servlet to servlet). Because the request and response are forwarded to another resource all request parameters are maintained and available for use. Since the client does not know about this forward on the server, no history of it will be stored on the client, so using the back and forward buttons will not work.
Rahul Ba
Ranch Hand

Joined: Oct 01, 2008
Posts: 205

Yes, Naveen I did the same thing, but again the same thing. It did not work. It's like browser keeps the page in session and that is shown to us.
Please let me know your opinion.

Rahul
Naveen puttu
Ranch Hand

Joined: Sep 15, 2009
Posts: 88
Rahul Ba wrote:
Yes, Naveen I did the same thing, but again the same thing. It did not work. It's like browser keeps the page in session and that is shown to us.
Please let me know your opinion.

Rahul



Can you post your code in here . And BTW you may want to invalidate the session . That Should help and add a check for invalidated session and see what you want to do about it (Just a work around if you approaching deadlines).

post your code in here anywayz
Shankar Tanikella
Ranch Hand

Joined: Jan 30, 2011
Posts: 329

Invalidating the session is the best practice while logout and that is the way it should be.
The response header part mention previously should be actualy be done for all the JSPs since the the content sits in the browser cache.
Anyways its still an open issue, you can see all bank sites even to have "Please close the window" for security reasons.
for now, if the the page alone is your concern you can redirect the user to the same page.


Have Fun with Java
little,little.. little by little makes a lot..
Hari r.haran
Greenhorn

Joined: Feb 01, 2011
Posts: 9
Try adding the following to your page so that the browser will not cache the page:

<META HTTP-EQUIV="Expires" CONTENT="Tue, 01 Jan 1980 1:00:00 GMT">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
Ashutosh M Kulkarni
Ranch Hand

Joined: Jun 07, 2010
Posts: 41

I believe that all the above solutions put together, you should not be facing the problem you were facing earlier.
If you still have the same problem, then probably the only explanation is that you need to clear your browser's contents.
Try removing the cookies, offline content, etc. or maybe try using another browser.

P.S. Please use code tags to abide by these practices.
Thank you,
Ashutosh.


SCJP 6, next stop - OCPJWCD!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: logout issue