Pasting code is the preferred method. Attachments are a pain. But please be sure to use CODE tags (see UseCodeTags).
In any case, you should not be putting Java code into a JSP. That is a poor practice that has been discredited for almost a decade now. Refactor out the logoff code into a servlet and then we can take things from there is you are still having difficulties.
Rituparna Duttagupta wrote:well, ok. i will code it in a servlet and then if there's any problem, i will get back here.
bt why is that it discouraged to use java code in jsp.
scriptlet tags are for that purpose only, na?
Back when JSPs came out, yes. Since then, people created monsters of spaghetti in the JSP. Model/view/controller (MVC) reinforced the best practice that JSPs should only be used for display. And today JSTL/EL make this easy.
I am back again with the same problem, i have put the logOut code in logOut.java file..
my logIn.java file goes like this...
both the files are working, that means i can log in, enter the user page, and after logging out i get redirected to index.jsp. upto this everything is working.
But, then when i am clicking on the Back button on the browser, i get back to the previous page, from where i'd been looged out.
how can i stop the browser to get back to the previous page?
I mean, once logged out, the user should by no means go back to her page without re-logging, not even by clicking on the back button of the browser.
Isn't that possible?
If no, then why is it not possible? if it's possible, how can i make this happen for my code?
yeah, on every user page i've used that session.getAttribute("user") and displayed it. But how to check the session?
i've dissolved the session in logOut.java by session.invalidate(); and also made the session.getSession(false).
but that's not enough it seems.
i must perform that session check, i think, but how? i don't know the process.
on the logout page ... i mean when the user logs out remove that session variable
and then when the user visits any other page i.e. after he logs out, check to see if that variable is there and then only allow him to visit the page he is reffering to