This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes JSP and the fly likes Session Management Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Session Management" Watch "Session Management" New topic
Author

Session Management

ash neet
Ranch Hand

Joined: Dec 21, 2010
Posts: 33
Hello everyone,

I have created a session for user who logs in. after the user logs out, the session is invalidated. i have given a link for "Home page" on the logout page. When the use logs out and clicks the home link, the user is redirected to home page. but even after logging out, the "welcome user" and "logout link" still remains on the home page. I tried to clear the cache by using -

<%
response.setHeader("Cache-Control","no-store"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
%>

but, no effect. the session is invalidated, I checked. what could be the reason? please help!!

regards,

Ashneet.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60804
    
  65

What would caching have to do with removing elements from a page?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
ash neet
Ranch Hand

Joined: Dec 21, 2010
Posts: 33
Bear Bibeault wrote:What would caching have to do with removing elements from a page?


I thought so. So how do I remove the elements?

I have used -
<%
username = session.getAttribute("username");
%>
<%
if(username!=null)
{
%>
welcome <%=username%>, logout
<%
}
%>
Aniruddh Joshi
Ranch Hand

Joined: Jul 29, 2008
Posts: 275

try this :


Anrd
"One of the best things you could do is to simplify a larger application into a smaller one by reducing its process and complexity - Fowler"
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60804
    
  65

Firstly, you should not be using scriptlets. Java code in a JSP has been discredited for over 9 years now, and their use at this point is irresponsible.

Using the JSTL and EL, the scenario could be as follows:

  • Let's say that when the user logins in, you place a scoed varibale named user in the session.
  • For logging out, you simple remove the variable. You can invalidate the session, but it's really not necessary.

  • On pages, you can easily check to see if the scoped variable is in the session with:
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: Session Management
     
    Similar Threads
    Logout function not working in JSF
    Cearing browser Cache using Servlet
    back button in mozilla
    After Logout still keeping session
    Re-login issue after click on browsers back button and press refresh