• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Session handling in structs framework

 
Madmax
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
We are using session cookies to maintain user information. We have a 'Logout' button, when clicked will call session.invalidate(); method to close the session.
The question is if the user clicks on the back button and clicks on the logout button again, the server throws the following jasper exception.
Error:
javax.servlet.jsp.JspException: No bean found under attribute key UserSessionObj
javax.servlet.jsp.JspException: No bean found under attribute key UserSessionObj
at org.apache.struts.taglib.logic.CompareTagBase.condition(CompareTagBase.java:222)
at org.apache.struts.taglib.logic.EqualTag.condition(EqualTag.java:90)
at org.apache.struts.taglib.logic.ConditionalTagBase.doStartTag(ConditionalTagBase.java:218)
at org.apache.jsp.plainHeader_jsp._jspx_meth_logic_equal_0(plainHeader_jsp.java:127)
at org.apache.jsp.plainHeader_jsp._jspService(plainHeader_jsp.java:87)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:136)
We are using struts framework. The web.xml has a listener class which has the session object. How do we make changes for it to recognise the session is invalid and redirect to ./login.jsp?
web.xml content:
<listener>
<listener-class>
com.user.UserSessionObj
</listener-class>
</listener>
If anyone knows how to handle this, we would appreciate it.
Thanks in advance.
Madmax
 
Marilyn de Queiroz
Sheriff
Posts: 9067
12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Madmax,

Welcome to JavaRanch! Please adjust your display name to meet the JavaRanch Naming Policy.
You can change it here.

Thanks!
 
saager mhatre
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's basically because you're trying to invalidate a session that doesn't exist (because you just invalidated it!). You need to expire your logout page so that it cannot be accessed by using the back button on the browser.
 
Ravi Kumar Ravuru
Ranch Hand
Posts: 176
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Madmax,
In each jsp page,check for the session object,if it is null,redirect the page to login.jsp.If the user clicks the back button,as the session value is null,it will be redirected to login page.Hope it may help u.
Ravi
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic