Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Implementing Http session

 
sunny ranjan
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Friends
I want to implement session logout. that is if user's session is invalidated then he should not be able to access it.I have implemented like this
login.jsp
-------------
<form action=home.jlc>
<table>
<tr>
<td>UserName</td>
<td><input type="text" name="uname"></td>
</tr>
<tr><td>Password</td>
<td><input type="password" name="pwd">
</tr>
<tr><td colspan="2" align="center">
<input type="submit" value="login"/>
</table>
</form>

Home.java
-------------------
public class Home extends HttpServlet {
public void service(HttpServletRequest req,HttpServletResponse res)
throws ServletException,IOException{
HttpSession ses=req.getSession();
String un=req.getParameter("uname");
String pw=req.getParameter("pwd");
if(un.equals(pw)){
ses.setAttribute("USERNAME", un);
res.sendRedirect("home.jsp");
}
else{
RequestDispatcher rd1=req.getRequestDispatcher("/login.jsp");
rd1.forward(req, res);
PrintWriter out=res.getWriter();
out.println("Invalid username and password");
}
}
}

Home.jsp
-----------------
<form action="logout.jlc">
<table>
<% Object obj=session.getAttribute("USERNAME");
String str=obj.toString();
System.out.println(str);
out.println("<h1> Hi "+str+"</h1>");
%>
<tr>
<td><input type="submit" value="logout"/></td>
</tr>
</table></form>

Logout.java
-------------------
public class Logout extends HttpServlet {
public void service(HttpServletRequest req,HttpServletResponse res)
throws ServletException,IOException{
HttpSession ses=req.getSession();
Object obj=ses.getAttribute("USERNAME");
String str=obj.toString();
ses.removeAttribute("USERNAME");

ses.invalidate();
res.sendRedirect("logout.jsp");
}
}
logout.jsp
------------------
<center>
<%if(request.getSession()==null){
response.sendRedirect("logout.jsp");
}
%>
<h1>you have logged out</h1>


The problem is when i logout using logout button, session is invalidated but when i click on back page it goes back on the same page.How to prevent it from accessing if someone has already logged out.
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34973
379
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It looks like the page is being cached by the browser. You can set headers to suggest to the browser not to cache the page. Try http header do not cache
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic