• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

refresh for invalidated user session

 
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi there,
on a servlet I've got an action which invalidates the user session

request.getSession().invalidate();

on an included jsp fragment, I've got the following code which simple tells me what's the user role (if he has it).


The first time I call the servlet the jsp page still shows me that the user is looged in, but if I call it again, then it correctly shows the user is not authenticated.
I'm pretty sure that the servlet does its job, because If I call the protected resources it asks me again to log me in. It actually looks like the jsp page needs a refresh.

Any suggestions?
Thanks in advance.
 
Sheriff
Posts: 67590
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What's the relation ship between the servelt and the included JSP fragment. At what point in the process do you check the session for validity?
 
Alessandro Ilardo
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
it just switch the login or logout link. It doesn't any business logic.
That's why it keeps showing me the logout link even If I already made it.
 
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have seen this kinda behaviour with struts.
1. try request.getSession().invalidateSession() in JSP itself. It is not a good practice.
2. request.getSession(true). it will also create new session so that old session wont exists. bit better practice.
 
Bear Bibeault
Sheriff
Posts: 67590
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
"Shiv",

There aren't many rules that you need to worry about here on the Ranch, but one that we take very seriously regards the use of proper names. Please take a look at the JavaRanch Naming Policy and adjust your display name to match it.

In particular, your display name must be a first and a last name separated by a space character, and must not be obviously fictitious.

Thanks!
bear
JavaRanch Sheriff
 
reply
    Bookmark Topic Watch Topic
  • New Topic