Jsp session problem

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • ajeeshc
    New Member
    • Sep 2009
    • 20
    #1

    Jsp session problem

    using jsp Create a sample page for login and when i enter the correct string moves to inner page and when i clicked logout it redirect to home page from there when i click the back button it goes to my inner page how to avoid that


    my login page
    <%@ page language="java" import="java.ut il.*" pageEncoding="I SO-8859-1"%>

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <title>
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">
    <meta http-equiv="cache-request-directive" content="no-cache">
    <meta http-equiv="cache-response-directive" content="must-revalidate">
    </title>
    </head>

    <body>
    <form name="f1" method="post" action="inner.j sp" />
    <input type="text" name="user" id="user"/>
    <input type="password" name="pass" id="pass"/>
    <input type="submit" name="login" id="log" value="login"/>
    </form>

    </body>
    </html>



    innerpage
    <%@ page language="java" import="java.ut il.*" pageEncoding="I SO-8859-1"%>

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <title>
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">
    <meta http-equiv="cache-request-directive" content="no-cache">
    <meta http-equiv="cache-response-directive" content="must-revalidate">
    </title>
    </head>

    <body>
    <%String user=request.ge tParameter("use r");
    String pass=request.ge tParameter("pas s");
    String s="aji";
    session.setAttr ibute("user",us er);

    if(user.compare To(s.toString() ) >0)
    {
    response.sendRe direct("index.j sp");
    }
    else
    {
    String username=sessio n.getAttribute( "user").toStrin g();
    out.print(usern ame);
    }
    %>
    <form action="temp.js p">
    <input type="submit" value="logout" />
    </form>
    </body>
    </html>

    3ed page
    <%@ page language="java" import="java.ut il.*" pageEncoding="I SO-8859-1"%>


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <title>
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">
    <meta http-equiv="cache-request-directive" content="no-cache">
    <meta http-equiv="cache-response-directive" content="must-revalidate">
    </title>
    </head>

    <body>
    <%session.inval idate();
    response.sendRe direct("index.j sp"); %> <br>
    </body>
    </html>
    Tags: None
    • bksamrat
      New Member
      • Dec 2009
      • 2
      #2
      1. Ensure that all the internal pages has pragma no-cache tag.
      2. As soon as u log out redirect the page. Redirect means to put it should add meta http-equiv=refresh tag in the output page.
      3. All internal pages should be in session scope.
      4. When logout is done remove the session.

        Comment

        • ajeeshc
          New Member
          • Sep 2009
          • 20
          #3
          i tried bcoz i am biginner i cant get u completely could you pls give explanation with code.Any way thank u for spending time for solving my problem

            Comment

            • bksamrat
              New Member
              • Dec 2009
              • 2
              #4
              1. Ensure that all the internal pages has pragma no-cache tag.
              Every html page can get cached in local browser of user. To ensure that revisiting the page is fetched from server you have to set pragma no-cache.
              Please insert following tags in your page at top.
              <%
              response.setHea der("Cache-Control","no-cache");
              response.setHea der("Pragma","n o-cache");
              response.setDat eHeader ("Expires", -1);
              %>

              Refer the following link for further reference. http://www.rgagnon.com/javadetails/java-0590.html


              2. As soon as u log out redirect the page. Redirect means to put it should add meta http-equiv=refresh tag in the output page.
              Which page do you show after you sucessfully logout. Lets say its logout.jsp.
              In that logout.jsp you put following code.
              <meta http-equiv="refresh" content="10;URL =login.jsp">
              This will reload with redirect after 10 seconds.. This ensures that even if user does back he is redirected to login page.
              You can reduce the seconds from 10 to something lesser.



              3. All internal pages should be in session scope.
              4. When logout is done remove the session.
              For creating and removing session please refer to the example
              .

              Apache Tomcat/8.0.33 - Error report
              http://www.roseindia.net/quickguide/tomcat/Logout.shtml


              You have to do all the above steps to ensure its full proof solution.

              -Samrat Dhamale
              samratdhamale
              http://samratdhamale.blogspot.com/
              Matheran Sunrise

                Comment

                Previous template Next
                Working...