Forums Register Login

Log Out when using security-constraint

+Pie Number of slices to send: Send
HI!
I am using Tomcat's <security-constraint> security feature, and I have no problems with my users logging in and eventually logging out (when session expires???)
What I want to do is to have a button that would log users out.... So I made a button to a LogOut.jsp where I tried the following:
<% session.invalidate(); %>
but it doesn't seem to work... How would you log out?
thank you!
+Pie Number of slices to send: Send
Hi,
I think your code is correct, i.e., the session is correctly invalidated
(i.e. all the attributes related to that HttpSession object will not be
more accessible, etc, etc).
However, you should note that the next time you access any jsp page,
your code will probably create a new session, because, by default,
any JSP page calls a getSession() (equivalent to getSession(true)) method
at the beginning of the request, which will always create a session if it doesn't find one.
BTW, if you are using BASIC authentication, then the problem is that you can only get a new authentication window (to put your name and password) only if you close ALL your browser windows (this is a problem related with
the BASIC authentication method itself, not with java). In this case, you would probably consider to use FORM authentication instead.
Anyway, could you be more specific ? what "it doesn't seem to work" means?
Dani
+Pie Number of slices to send: Send
by it doesn't totaly work I mean is that it dont give no errors, but when I open the admin page (not from the browsers cache), it doesn't ask me for a pass...
oh man.. I dont like form thingy... its too much work But even in that case, how would you give the user ability to log out?
admin tool has this thing logOut.do, but I couldnt find it anywhere... ???
The moustache of a titan! The ad of a flea:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com


reply
reply
This thread has been viewed 686 times.
Similar Threads
Weblogic security - ajax web service
MVC, JSP/Servlet/Bean Design Issue
nested security using security-constraint
HFSJ Errata - error about auth-constraint
Form-based Security
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 28, 2024 06:12:13.