• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Logout Problem....

 
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Friends how should i invalidate the authentication that i have done through Tomcat Server......that is using file based realm......

The code for Logout Servelet


public void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {response.setContentType(CONTENT_TYPE);
HttpSession session = request.getSession();

session.invalidate();

RequestDispatcher rd= request.getRequestDispatcher("/Login.jsp");
rd.forward(request,response);
}


this is the code that i have written for Logout...the problem is i have not invalidated the authentication....

please help me ... what should i add to this code?
 
Bartender
Posts: 6663
5
MyEclipse IDE Firefox Browser Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Looks like you have invalidated the session - session.invalidate();

What do mean by invalidating the authentication ?
 
toukhir mujawar
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
once the user get authenticated he enters into the protected area....

i want to make the user come out of protected area....but the problem is i cant refer to the Login page directly...

thats why i need to end the authentication ...that is what i mean to say by invalidating authentication...
 
Ranch Hand
Posts: 299
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You need authentication to access some resources. After invalidating the session the session is no longer valid. So there is no need for you to do what you say. Correct me if I'm wrong. Your quesion is not clear.
 
toukhir mujawar
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
my problem is when i click Logout it shows Login page nad when i try to Login the following error message is fired...


HTTP Status 400 - Invalid direct reference to form login page

--------------------------------------------------------------------------------

type Status report

message Invalid direct reference to form login page

description The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).


--------------------------------------------------------------------------------

Apache Tomcat/5.5.6


can you suggest me what should i do?
 
Ranch Hand
Posts: 310
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
toukhir mujawar, please check this link
Session Invalidate
 
toukhir mujawar
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have already checked that link...

that is not sufficient for me..it might be for you...

i m already following that...
<%page session=false%>

but your authentication is application based and my authentication is containere based....

now you tell me how should i come out of this problem...
 
Sreeraj G Harilal
Ranch Hand
Posts: 310
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Can you put the complete code like i did.
If you put the complete code including DD part we will get an idea about your problem.
Why you are hesitating to put the whole code here?
do it as early as possible
 
toukhir mujawar
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Code for Login page



<%@ page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<%@page session="false"%>

<html>
<head>
<title></title>
</head>
<body style="background-color:rgb(214,231,255);" >
<form name="Login" action="j_security_check" method="post">
<table width="980" height="543" border="0" cellpadding="0" cellspacing="0" class='box'>
<tr>

<td align="center"><table width="575" border="0" cellpadding="0" cellspacing="0" bordercolor="#D6E7FF">
<tr>
<td colspan='2' align="center"><table border="1" align=center cellpadding="0" cellspacing="0" bordercolor="#FF9900" frame="box" class=box>
<tr><td>Enter the User Name</td><td><input type="text" name="j_username"></td></tr>
<tr><td>Enter the Password</td><td><input type="password" name="j_password"></td></tr>
<tr><td colspan='2' align=center><input type="reset" value="Clear">            <input type="submit" value="Login"></td></tr>
</table>
<p> </p></td>
<td> </td>
</tr>
</table> </td>
</tr>
</table>
</form>
</body>
</html>



code for Logout....


public void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {response.setContentType(CONTENT_TYPE);
HttpSession session = request.getSession(false);

response.flushBuffer();
session.invalidate();

RequestDispatcher rd= request.getRequestDispatcher("/Login.jsp");
rd.forward(request,response);
}


web.xml contents....



<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
<user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
</security-constraint>

<login-config>
<auth-method>FORM</auth-method>
<realm-name>DailyCollection Authentication</realm-name>
<form-login-config>
<form-login-page>/Login.jsp</form-login-page>
<form-error-page>/ErrorLogin.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>User</description>
<role-name>
user
</role-name>
</security-role>
 
please buy my thing and then I'll have more money:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic