• Post Reply Bookmark Topic Watch Topic
  • New Topic

Session Problem  RSS feed

 
prashant komaragiri
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
I am testing my site .Say if i log on to site as 'A' and send an auto mail to myself contining the link of some page in site.Then if i click this link it should first redirect me to Login page, but it is taking me as User 'A' and directly showing the page.How to prvent this?
Prashant
 
L Goundalkar
Ranch Hand
Posts: 395
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
May be your hyper link is containing the username as query string. like..
www.mysite.com?user="A"
check this.
You can make the users to compulsorily login to your site by introducing your own login machanism and making your log in page as the entry point.
You can also check the session in between and validate the user.
it would be better if you send some code snippets so that it will show clear problem.
 
Bosun Bello
Ranch Hand
Posts: 1512
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In the click of your link you can check for a session attribute, if it's available you can forward to the appropriate page, if it's not, you can then forward to the login page.
 
prashant komaragiri
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Guys,
Thanks for the reply.
* No iam not passing username through query string.
* I have put userid in session and check for the user id in the page .i.e if user id is null then go to UserLogin.Still its getting redirected to login page
Prashant
 
L Goundalkar
Ranch Hand
Posts: 395
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Prashant,
If your application provides checking of mails and user has to log in, then naturally the userid will not be null for B user. so he will be forwarded to index page instead of userlogin.
Can u attach some code snippet.. it would be clear for us to understand.
 
prashant komaragiri
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Lakshmeenarayana,
Iam checking the mail from outlook .And Looking at source of the mail throug view source,it does'nt contain anything related to session.
Prashant
 
L Goundalkar
Ranch Hand
Posts: 395
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So u mean to say from your mail agent i.e. outlook if u click on the url it goes to the page which is for logged in users.
what is the user name in the session. is it null ?? may be u r going wrong in invalidating the user.
try sessionInvalidate() method after sending the mail message and check.
It may give correct results.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!