| Author |
Implementing Http session
|
sunny ranjan
Greenhorn
Joined: Dec 21, 2012
Posts: 6
|
|
Hi Friends
I want to implement session logout. that is if user's session is invalidated then he should not be able to access it.I have implemented like this
login.jsp
-------------
<form action=home.jlc>
<table>
<tr>
<td>UserName</td>
<td><input type="text" name="uname"></td>
</tr>
<tr><td>Password</td>
<td><input type="password" name="pwd">
</tr>
<tr><td colspan="2" align="center">
<input type="submit" value="login"/>
</table>
</form>
Home.java
-------------------
public class Home extends HttpServlet {
public void service(HttpServletRequest req,HttpServletResponse res)
throws ServletException,IOException{
HttpSession ses=req.getSession();
String un=req.getParameter("uname");
String pw=req.getParameter("pwd");
if(un.equals(pw)){
ses.setAttribute("USERNAME", un);
res.sendRedirect("home.jsp");
}
else{
RequestDispatcher rd1=req.getRequestDispatcher("/login.jsp");
rd1.forward(req, res);
PrintWriter out=res.getWriter();
out.println("Invalid username and password");
}
}
}
Home.jsp
-----------------
<form action="logout.jlc">
<table>
<% Object obj=session.getAttribute("USERNAME");
String str=obj.toString();
System.out.println(str);
out.println("<h1> Hi "+str+"</h1>");
%>
<tr>
<td><input type="submit" value="logout"/></td>
</tr>
</table></form>
Logout.java
-------------------
public class Logout extends HttpServlet {
public void service(HttpServletRequest req,HttpServletResponse res)
throws ServletException,IOException{
HttpSession ses=req.getSession();
Object obj=ses.getAttribute("USERNAME");
String str=obj.toString();
ses.removeAttribute("USERNAME");
ses.invalidate();
res.sendRedirect("logout.jsp");
}
}
logout.jsp
------------------
<center>
<%if(request.getSession()==null){
response.sendRedirect("logout.jsp");
}
%>
<h1>you have logged out</h1>
The problem is when i logout using logout button, session is invalidated but when i click on back page it goes back on the same page.How to prevent it from accessing if someone has already logged out.
|
 |
Jeanne Boyarsky
internet detective
Marshal
Joined: May 26, 2003
Posts: 26496
|
|
|
It looks like the page is being cached by the browser. You can set headers to suggest to the browser not to cache the page. Try http header do not cache
|
[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
|
|
 |
|
|
subject: Implementing Http session
|
|
|
0
