Win a copy of Terraform in Action this week in the Cloud forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Rob Spoor
  • Bear Bibeault
Saloon Keepers:
  • Jesse Silverman
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Al Hobbs
  • salvin francis

relogin on direct call of servlet after session invalidate

 
Greenhorn
Posts: 6
Eclipse IDE Oracle Spring
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Ranchers,

I am trying my hands on JEE application. I have created a J2EE application using MVC approach. I have a servlet "login" which calls a method in a java bean for authentication of the user. I have following flow:
http://localhost:8080/Myapplication/login.jsp > calls the /login servlet.
after I have authenticated the user i am forwarding the request to the relevant page i.e. success page or failure page.
suppose the user is authenticated. He navigate to these jsp's.
http://localhost:8080/Myapplication/page1.jsp
http://localhost:8080/Myapplication/page2.jsp
http://localhost:8080/Myapplication/page3.jsp
http://localhost:8080/Myapplication/page4.jsp and finally i have a jsp called logout.jsp and i am doing a session.invalidate() in this jsp. The session gets sucessfully logged out. However i have one glitch in the flow. i.e. if I use my browser back button and go back to the page where my browser address reads as http://localhost:8080/Myapplication/login servlet and If i do a refresh on this page the user is logged in again.

I want to remove this behavior of my application. Please advise.

Thanks in advance!!!
 
author & internet detective
Posts: 40847
829
Eclipse IDE VI Editor Java
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It sounds like the form is being resubmitted with the login credentials. Take a look at the post redirect get pattern. It separates the submission from the next page. The redirect "breaks" them up so you can refresh to your heart's content without re-logging in.
 
reply
    Bookmark Topic Watch Topic
  • New Topic