• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Logout The Session

 
Ashok Haluvarthi
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello All,
I have one problem in maintaining session and removing session.
when i press logout button it has to close the session here if i press Back button or Forward button it has to say that session has beeen closed pls login once again
These r the files
Index.html
html>
<body>
<form action=first.jsp method="post">
<pre><center><p> </p><p> </p><p> </p><p> </p>
UserName:<input type=text name=un><br>
Password:<input type=password name=pw><br>
<input type=Submit name=Login value=Login>
</form>
</body>
</html>
first.jsp
<html>
<title>Test</title>
<head>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</head>
<body background="back_right.gif">

<%
String u_name="";
String p_word="";

u_name=request.getParameter("un");
p_word=request.getParameter("pw");
session.setAttribute("USERNAME",u_name);
session.setAttribute("PASSWORD",p_word);
String un =(String)session.getAttribute("USERNAME");
String pw =(String)session.getAttribute("PASSWORD");



%>
<% if (un.equals("ravi")&& pw.equals("ravi")) {
%>
<jsp:include page="second.jsp" />
<% }else out.println("Hello"); %>
<%
%>
</body>
</html>
second.jsp
<html>
<head>
<title></title>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</head>
<body >

<%
String UN=(String)session.getAttribute("USERNAME");
String PW=(String)session.getAttribute("PASSWORD");

if (UN.equals("ravi")&& PW.equals("ravi"))
{
out.println("Hay");
}else
out.println("Hello");
%>
<center>
The values of session are
<%= UN %>
<%= PW %>
<form action="logout.jsp" method="post">
<input type=submit value=Logoff>
</form>
</body>
</html>
logout.jsp
<HTML>
<HEAD>
</HEAD>
<BODY onunload="JavaScript:writeCookies(1)">
<%
session.removeAttribute("USERNAME");
session.removeAttribute("PASSWORD");
if(session.equals(""))
{
response.sendRedirect("index.html");
}
%>
</BODY>
</HTML>
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13064
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You really should use the invalidate() method to discard the session. That will ensure that the previous login is totally gone. The code

is totally meaningless since a session will never equal a String.
Bill
 
Vedhas Pitkar
Ranch Hand
Posts: 445
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yep, & maybe u could check if(UN==null) which means no user name(out-of-seesion) & add the following code to all ur .jsp pages :-
<%
response.setHeader("cache-control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader("Expires",0);
%>
This thing is working for me even with the Back Button
 
James Carman
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Vedhas Pitkar:
Yep, & maybe u could check if(UN==null) which means no user name(out-of-seesion) & add the following code to all ur .jsp pages :-
<%
response.setHeader("cache-control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader("Expires",0);
%>
This thing is working for me even with the Back Button

I would not suggest that you add the code to all of your .jsp pages. This is a maintenance nightmare! I would suggest using a Filter to add the headers. This way, you avoid the headache of doing a search/replace if you ever want to change this functionality.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic