• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

Invalidating session in a jsp

 
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,

I have got Login.jsp and Index.jsp in my application.

When I enter the URL for Index.jsp it redirects me to the Login page.

I have included the following lines in my Index.jsp



Once I login, I create a session in my LoginServlet.java.

Now I have got a Logout link in my Index.jsp which when clicked takes to the Login page.



How to invalidate the session once I click the Logout link?

Thanks in advance!

 
Rancher
Posts: 377
Android Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hey,
If you are only doing this in JSPs then you would have to call the session.invalidate();. Though you should think about using servlets as well so you don't have to do all your java coding in side the jsps as this quickly gets messy and unmanageable.

Sean
 
Sheriff
Posts: 67590
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Actually, you should be doing authentication checking in a filter, not in the JSPs, not in the servlets. And using .isNew() is not the best of ideas. Places an authetication token in the session upon login and check for that.
 
jagan raja
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Clark / Bibeault ,

Thanks for your info. I shall try using Filter for authentication.

And Bibeault, can I know why I shouldnt be using isNew()?

And authentication token in the sense do I want to set a attribute in a session and check for that in my jsp?

 
Bear Bibeault
Sheriff
Posts: 67590
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

jagan raja wrote:And Bibeault, can I know why I shouldnt be using isNew()?

Look it up in the javadoc and see f you can answer this question yourself.

And authentication token in the sense do I want to set a attribute in a session and check for that in my jsp?

Yes, except that you can put something much more meaningful than a string in the session. I use a construct that not only indicates that a user is logged in, but identifies the user (as well as other properties such as roles and permissions when appropriate).
 
jagan raja
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Bibeault,


So using isNew() doesn't confirm if a client has joined the session.

Thanks for your information.

 
You can thank my dental hygienist for my untimely aliveness. So tiny:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
reply
    Bookmark Topic Watch Topic
  • New Topic