Win a copy of GANs in ActionE this week in the AI forum
or WebAssembly in Action in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Paul Clapham
  • Jeanne Boyarsky
  • Knute Snortum
Sheriffs:
  • Liutauras Vilda
  • Tim Cooke
  • Junilu Lacar
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Joe Ess
  • salvin francis
  • fred rosenberger

How to invalidate a session when user switches to a different URL ?

 
Ranch Hand
Posts: 268
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

In my application the user has logged in ( session created ) . Then on the same browser user types : www.google.com . Then when he comes back to my site he is still logged in . I want to invalidate his session .
How this can be done ?
 
Ranch Hand
Posts: 144
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can use the 'referer' header to get the from url. Supppose the user visits some other site in the same browser and then requests for some page in ur appln., he can do so either by clicking the BACK button or typing ur appln. url in the browser. In the latter case, i guess the 'referer' header would be null. I am not sure about the former scenario tho
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If the user switches to a URL that isn't part of your application, you won't know it. You would just have to wait until the session times out.
 
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


If the user switches to a URL that isn't part of your application, you won't know it. You would just have to wait until the session times out.



No need to wait till session expires. You can use the "referer" header to figure out whether user has left your application and switched to someother application and back with requests for some of your application resources.

I tried with "referer" header and it worked for me.

 
Ranch Hand
Posts: 689
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hey why dont u develop your application in other way..
i mean you better use java script for full screen.
you should not give the access to the user for entering the url and even exit button...


your application must display in full screen mode.....


u even disable right click option




cinux
 
Vishnu Prakash
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But the one issue with this is you can easily get back to your resources with back browser button. Ben is there a way to control this?
 
Marshal
Posts: 67340
173
Mac Mac OS X IntelliJ IDE jQuery Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by saikrishna cinux:

your application must display in full screen mode.....



Only if you want to completely tick off your user base.
 
Marshal
Posts: 24940
61
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Why would you even want to control it? Frankly it's none of your business if I am running your application and I open another window or another tab to check another site.
 
Bear Bibeault
Marshal
Posts: 67340
173
Mac Mac OS X IntelliJ IDE jQuery Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by Paul Clapham:
Why would you even want to control it? Frankly it's none of your business if I am running your application and I open another window or another tab to check another site.



Bingo!
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by Vishnu Prakash:
But the one issue with this is you can easily get back to your resources with back browser button. Ben is there a way to control this?



Not reliably, which is why I said what I did earlier.
If this is a big concern, you might want to shorten the session timeout.

By the way: I agree completely with Paul's comment.
As a user, I would consider any app that tries to control my screen or console to be a poorly written piece of crap.
[ December 09, 2005: Message edited by: Ben Souther ]
 
Alas, poor Yorick, he knew this tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!