• Post Reply Bookmark Topic Watch Topic
  • New Topic

JSP, Cookies and frames

 
Carlos Marquez
Greenhorn
Posts: 13
Java Linux Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey everyone, I've been working on a logout code for my system, it seems that I already killed all the cookies with the setMaxAge method, the thing is when i logout when my account and relog with a different one it keeps showing the same menu until i press F5 or relog, im pretty sure this is because the frames im using, the main frame doesnt refresh when the user logs, any idea?

BTW im using tomcat 5, IE6 and got 2 frames on my index.
[ October 02, 2007: Message edited by: Carlos Marquez ]
 
Tim Holloway
Bartender
Posts: 18414
58
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yikes! If you're keeping your session information in cookies, you've got a major security issue. Bad People have been known to abuse cookies. ONLY use cookies for user info if there's absolutely nothing evil anyone could do with the info that's in them. Otherwise use cookies to store references to objects stored back on the server where they'll be harder to get at.

A cleaner method is to use the HttpSession object. To log off of a session, you simply do a session.invalidate() call.

The downside of HttpSessions is that they requires more server-side resources. However, not only are they more secure, there's less network traffic involved, since only the session ID gets sent between client and server and not all the detailed session data.
 
Carlos Marquez
Greenhorn
Posts: 13
Java Linux Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Im using the session.invalidate object, in my code i first kill all the cookies with the maxAge value in 0 then i use the invalidate object, I guess the main problem is with the frames or maybe the code is not doing what its supossed to do.
Im using something like this in my logout.jsp...
 
Carlos Marquez
Greenhorn
Posts: 13
Java Linux Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Finally i got it, I dont know if its the best way but works, I sent the value of the cookie as url parameter, in the main menu frame i "reload" the cookie and shows the correct user menu, as i said, I dont know if its the best way, so any suggestion will be appreciated.

Cheers!
 
Carlos Marquez
Greenhorn
Posts: 13
Java Linux Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Carlos Marquez:
Finally i got it, I dont know if its the best way but works, I sent the value of the cookie as url parameter, in the main menu frame i "reload" the cookie and shows the correct user menu, as i said, I dont know if its the best way, so any suggestion will be appreciated.

Cheers!


Nevermind, its weird, what i did worked on my localhost, and it didnt once i uploaded to the server...im confused
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!