• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

SSL Session tracking

 
Ranch Hand
Posts: 62
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Guys,

I have a question on SSL mechanism.
Basically, i have developed a small app, which also consists log-in and log-out buttons. now in the log out code i call session.invalidate(); to terminate the session explicity. But what i have seen is when I paste any https url of my earlier transactn in the same browser window, with out refreshing it it displays the secure page with out asking for login again.
Is this due to existence of jsession id used by SSL mechanism even after invalidate() call is returned?

pls let me know ur thoughts and solutns as well

Also this is my first day as a Java rancher and m Going on for SCWCD 1.4 on 12th! so any tips tricks are welcome


thnx in Advance!!
 
pie sneak
Posts: 4727
Mac VI Editor Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The jsession id in the url will not cause this. The user simply is not getting logged out. How to log out depends on your security configuration. Invalidating the session is recommended, but does not log you out unless your security is 100% programmatic (meaning all security is controlled in code and managed in session scope).

Let us know a little more info and we'll see what we can do. Be warned - fred or I may move this thread to another Javaranch forum later (like the Security forum) to help you find your answer if we can't help. This forum is used more for people asking questions/doubts about difficult topics that they come across during SCWCD studies.

Welcome to the Ranch, Mike, and good luck on your test! Don't forget to post your results in the Sun Certification Results forum when you pass!
 
reply
    Bookmark Topic Watch Topic
  • New Topic