• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

Session tracking

 
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I am tring to try and figure out how session tracking work's in servlets.
I will post the code and would appreciate the guru's to let me know if there is a better way of tracking user session's. Also I have one problem with my current code, when i click the back button on the browser i still see the secured webpage even though i have invalidated my session. Thanks for your replies...
index.jsp page(login page)


Login servlet code.

welcome.java code

Logoff.java code


the problem is when the user uses the back button, he can still see the contents on the welcome page? Thanks!
-Kitz
 
Ranch Hand
Posts: 951
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

I think the page is cached in the browser therfore it is showing the page. I am not sure but the problem can be sloved by adding the following two lines to set the cache control while sending the response.

response.setHeader("Cache-control","no-cache"); //HTTP 1.1
response.setHeader("pragma","no-cache");

Alternatively, you can use the "no-store" value in above lines instead of "no-cache". This value will not store the page in browser temporary directory.

Thank you.
 
Ranch Hand
Posts: 156
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by Narendra Dhande:
Hello,

I think the page is cached in the browser therfore it is showing the page. I am not sure but the problem can be sloved by adding the following two lines to set the cache control while sending the response.

response.setHeader("Cache-control","no-cache"); //HTTP 1.1
response.setHeader("pragma","no-cache");

Alternatively, you can use the "no-store" value in above lines instead of "no-cache". This value will not store the page in browser temporary directory.

Thank you.


Hi Narendra,

Setting those headers definitely worked, but after Refreshing that "expired page" the contents did come back. How to stop the browser to RE-send the contents back to the server after the page has expired.

Thanks.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
    Bookmark Topic Watch Topic
  • New Topic