Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Logout is not properly working in struts2 please help me  RSS feed

nalamati satyanarayana
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
This is satya i developed logging/logout application using struts like
First i developed Logging interceptor this will authenticate and it will display success ful jsp then if i click on logout it will redireect to login jsp but after that if i click on
back on browser again it displaying successful jsp

Anybody please help me out to how to resolve this problem

My intrceptor code like this

* A Struts 2 interceptor that implements a login system.
public class LoginInterceptor extends AbstractInterceptor implements StrutsStatics {

private static final long serialVersionUID = 1L;
private SecurityManager securityManager;
private static final Log log = LogFactory.getLog (LoginInterceptor.class);
private static final String USER_HANDLE = "QUADRAN_USER_SESSSION_HANDLE";
private static final String LOGIN_ATTEMPT = "QUADRAN_LOGIN_ATTEMPT";
private static final String USERNAME = "QUADRAN_USERNAME";
private static final String PASSWORD = "QUADRAN_PASSWORD";

public void init () { ("Intializing LoginInterceptor");

public void destroy () {}

public String intercept (ActionInvocation invocation) throws Exception {
// Get the action context from the invocation so we can access the
// HttpServletRequest and HttpSession objects.
final ActionContext context = invocation.getInvocationContext ();
HttpServletRequest request = (HttpServletRequest) context.get(HTTP_REQUEST);
HttpSession session = request.getSession (true);

// Is there a "user" object stored in the user's HttpSession?
Object user = session.getAttribute (USER_HANDLE);
if (user == null) {
// The user has not logged in yet.

// Is the user attempting to log in right now?
String loginAttempt = request.getParameter (LOGIN_ATTEMPT);
if (! StringUtils.isBlank (loginAttempt) ) { // The user is attempting to log in.

// Process the user's login attempt.
if (processLoginAttempt (request, session) ) {
// The login succeeded send them the login-success page.
return "login-success";
} else {
// The login failed. Set an error if we can on the action.
Object action = invocation.getAction ();
if (action instanceof com.opensymphony.xwork2.ValidationAware) {
((com.opensymphony.xwork2.ValidationAware) action).addActionError ("Username or password incorrect.");

// Either the login attempt failed or the user hasn't tried to login yet,
// and we need to send the login form.
return "login";
} else {
return invocation.invoke ();

* Attempt to process the user's login attempt delegating the work to the
* SecurityManager.
public boolean processLoginAttempt (HttpServletRequest request, HttpSession session) {
// Get the username and password submitted by the user from the HttpRequest.
String username = request.getParameter (USERNAME);
String password = request.getParameter (PASSWORD);

SecurityManagerImpl s= new SecurityManagerImpl();
// Use the security manager to validate the user's username and password.
Object user = s.login (username, password);

if (user != null) {
// The user has successfully logged in. Store their user object in
// their HttpSession. Then return true.
session.setAttribute (USER_HANDLE, user);

return true;
} else {
// The user did not successfully log in. Return false.
return false;

public void setSecurityManager (SecurityManager in) {
log.debug ("Setting security manager using: " + in.toString () );
this.securityManager = in;

My logout action code below

session = (SessionMap<String, Object>)ActionContext.getContext().getSession();

System.out.println("removing: login "+session.get("QUADRAN_USER_SESSSION_HANDLE"));

System.out.println("removed - sreedevi: login "+session.get("QUADRAN_USER_SESSSION_HANDLE"));
return SUCCESS;

Nitesh Kant
Posts: 1638
IntelliJ IDE Java MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
CarefullyChooseOneForum while posting. Moving to struts forum.
David Newton
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please UseCodeTags; code is quite difficult to read without them.

You'll need to disable caching, otherwise the browser will just show what it already has.
Pawan Kalyan
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey try this code in the page you navigate to after login page. ( Ex: Put this code in welcome.jsp after you login from login.jsp)


response.setHeader("Cache-Control","no-cache"); // HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0);

<script language="JavaScript">
var x=window.history.length;
if (window.history[x]!=window.location)

and use the response.setHeader part in every jsp in the Head section so that the browser wont cache.

This will work for 100%

Rob Spoor
Posts: 21092
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Moving to Struts (as I should've done before).
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!