Win a copy of Practical SVG this week in the HTML/CSS/JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

relogin on direct call of servlet after session invalidate

NareshKumar Yadav
Posts: 6
Eclipse IDE Oracle Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ranchers,

I am trying my hands on JEE application. I have created a J2EE application using MVC approach. I have a servlet "login" which calls a method in a java bean for authentication of the user. I have following flow:
http://localhost:8080/Myapplication/login.jsp > calls the /login servlet.
after I have authenticated the user i am forwarding the request to the relevant page i.e. success page or failure page.
suppose the user is authenticated. He navigate to these jsp's.
http://localhost:8080/Myapplication/page4.jsp and finally i have a jsp called logout.jsp and i am doing a session.invalidate() in this jsp. The session gets sucessfully logged out. However i have one glitch in the flow. i.e. if I use my browser back button and go back to the page where my browser address reads as http://localhost:8080/Myapplication/login servlet and If i do a refresh on this page the user is logged in again.

I want to remove this behavior of my application. Please advise.

Thanks in advance!!!
Jeanne Boyarsky
author & internet detective
Posts: 35762
Eclipse IDE Java VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It sounds like the form is being resubmitted with the login credentials. Take a look at the post redirect get pattern. It separates the submission from the next page. The redirect "breaks" them up so you can refresh to your heart's content without re-logging in.
please buy my thing and then I'll have more money:
the new thread boost feature: great for the advertiser and smooth for the coderanch user
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!