Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

session.invalidate()

 
Arka Sharma
Ranch Hand
Posts: 103
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


Hi,

I have created one project.There is one login.jsp page.After successful log in i'm setting user name and password as session attribute then redirect to home page.In home page I created a link to logout.jsp where I have called session.invalidate() then redirect to log in page.But after that if i click browser back button it is going back to home page.Is it due to browser cache ?Whatever be the reason how to resolve it ?

Thanks
Arka

 
Vijay Tidake
Ranch Hand
Posts: 148
Hibernate Java Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

on jsp page you can check for the valid session by method getSession(false) and the depending upon the condition check
you can redirect the user to appropriate page.


Thanks
 
Arka Sharma
Ranch Hand
Posts: 103
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Hi,

I have added the folowing in my home.jsp page.When a login is successful it will redirect to home.jsp.

if(request.getSession(false)==null)
{
response.sendRedirect("login.jsp");
}

But still after logging out if i'm pressing back button it is going to home.jsp.
 
Vijay Tidake
Ranch Hand
Posts: 148
Hibernate Java Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Please check the link

Thanks
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18212
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a personal grudge against every J2EE author who ever used a "login page" as an example. There's a technical term for people who write their own webapp security code: "pwned". J2EE has a well-developed security system of its own, and in most cases it's more than sufficient to for web application security needs.

However, disregarding my own prejudices, the problem here is that the browser "Back" button doesn't connect directly to the webapp. The "Back" button simply causes the browser to re-submit the URL from the previous page.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic