• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

need help implementing logout

 
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
After logging out of my application, clicking the back arrow sends the user to the previous page, but the user remains locked out. However when you get to a page that contains a form, you're presented with a dialog box that essentially re-posts the login data! How can I over ride this. I thought I had all the bases covered with the code below:


Clicking 'log out' on my application, the following code is called:



...and in the JSPs, I have this in the header:

 
author
Posts: 4335
39
jQuery Eclipse IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You could implement a more complex session management system that creates a database entry for each active session. You could also choose to instead of invalidating the session, setting a 'disabled' flag.

There's probably some other 'cleaner' approaches although having a table that manages active sessions can be useful for tracking and management.
 
kwame Iwegbue
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thank you for your prompt reply Scott.

You could implement a more complex session management system that creates a database entry for each active session.



How would this work? do I save a session_id to the database and compare with each new login?
 
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i can suggest a simple javascript approach

in the logout.jsp page

after the form tage place in javascript as follows

window.history.forward(1);

so when ever you press the back page it will forward the login.jsp page.
 
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Try disabling the browser cache.Probably the pages getting fetched from the cache.And in the header of every page add session check.If the user is not authinticated then redirect to the login page.To disable the browser , you can use meta-link in the head tag of each of the html's.
 
Ranch Hand
Posts: 1514
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Unless you are certain no user will be accesing with an older browser, you may want to add the folowing to your JSPs.

response.setHeader("Pragma", "no-cache");
 
Ranch Hand
Posts: 116
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This is a nice article on how to fix the logout problem. http://www.javaworld.com/javaworld/jw-09-2004/jw-0927-logout.html
 
You had your fun. Now it's time to go to jail. Thanks for your help tiny ad.
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic