As HTTPSession is a server side object, calling invalidate() method requires a call to the server. If my logout link is a simple html link, is ther anyway that I logout from the application/invalidate the session?
You need to submit a request to the server to activate code to invalidate the session. It can be via a link, a form submit, an Ajax call, a frame, or any of the other request methods, but it has to be done on the server.
I am just elaborating Bear's answer. You can call a JS function on your link. Have a FORM tag in your HTML whose action should be your servlet. In this function do a FORM_NAME.submit(). This will invoke your servlet, now you can invalidate session happily
posted 7 years ago
That does not necessarily have to be a form. A plain vanilla link can also perfectly point to some servlet.