Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

session invalid problem

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am doing a j2ee project.In that proj to access the inner page user have to login.In login Servlet we create a session



String u=request.getParameter("uid");
String p=request.getParameter("pass");

User u1=new User();
u1.setId(Integer.parseInt(u));
u1.setPass(p);


Login l1=new Login();

if(l1.loginRequest(u1))
{
u1=l1.getName(u1);
u1.setPass("xxxxx");
session=request.getSession(true);
session.setMaxInactiveInterval(10*60);
session.setAttribute("USER",u1);
request.getRequestDispatcher("service.jsp").forward(request,response);

}
else
{
request.setAttribute("ERROR","Login Unsuccessful");
request.getRequestDispatcher("login.jsp").forward(request,response);
}


Next ,In each jsp page I check this session


<%
if((User)session.getAttribute("USER")==null )
{
request.getRequestDispatcher("login.jsp").forward(request,response);
}
%>

and I have a jsp page logout.jsp .If user click the link of this page then the session will be invalided

<body>
<% session=request.getSession(true);
session.invalidate();
response.sendRedirect("http://localhost:8080/MESS2/index.html");
%>
</body>

But the problem is First time when server is running no session is created then if I put the url in address bar of the browser then it redirect to login page but when I login and
then logout and then put the url in browser address bar that time it is not redirected to login page ,it goes that page. session created by the user is still exists.
But after logout I can't want to give the chanse to user to visit the inner page.
 
Ranch Hand
Posts: 368
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

Browser might showing you page cached by browser. are you accessing session object in page that you are trying to access after logout? if yes that will give you exception.
 
Gona Chakrabarti
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I not getting your point .How it will give exception.If I access a session if it is not present then a new session will be created.But how can i check login or logout
state.
 
Sheriff
Posts: 67750
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Please be sure to use code tags when posting code to the forums. Unformatted or unindented code is extremely hard to read and many people that might be able to help you will just move along to posts that are easier to read. Please click this link ⇒ UseCodeTags ⇐ for more information.

Properly indented and formatted code greatly increases the probability that your question will get quicker, better answers.
 
Ranch Hand
Posts: 754
Eclipse IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello, Gona.

As Bear Bibeault said, put your codes inside the code tag.

Try change your code, from to
About getSession():
1) The default is true, so, getSession() do the same as getSession(true) ;
2) If there is no session, with the true parameter you will always get a new session.
3) With false as parameter, you will get null if there is no session.
4) User filter instead Scriplet. There is a link in my signature that might help you with that.
 
Gona Chakrabarti
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Gona Chakrabarti wrote:I am doing a j2ee project.In that proj to access the inner page user have to login.In login Servlet we create a session





Next ,In each jsp page I check this session




and I have a jsp page logout.jsp .If user click the link of this page then the session will be invalided


But the problem is First time when server is running no session is created then if I put the url in address bar of the browser then it redirect to login page but when I login and
then logout and then put the url in browser address bar that time it is not redirected to login page ,it goes that page. session created by the user is still exists.
But after logout I can't want to give the chanse to user to visit the inner page.

 
What does a metric clock look like? I bet it is nothing like this tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/t/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic