?
Solved

how to code in Java for logout

Posted on 2004-11-05
11
Medium Priority
?
18,399 Views
Last Modified: 2013-11-23
My question is regarding coding in Java for logout part, I have a code in hand, it return to login page(index.html), but when I click IE "Back" botton it bring me to prevous page.  How can I adjust code such that once I click IE "back", IE redirects me to another page said session terminate or something. thanks for help, here is the logout.java code I have

package org.frb.ny.mg.icr.login;

import javax.servlet.*;
import javax.servlet.http.*;
/**
 * Insert the type's description here.
 */
public class LogOut extends HttpServlet {
/**
 * Process incoming HTTP GET requests
 *
 * @param request Object that encapsulates the request to the servlet
 * @param response Object that encapsulates the response from the servlet
 */
public void doGet(HttpServletRequest req, HttpServletResponse res)
      throws ServletException, java.io.IOException {
          
      HttpSession session = req.getSession(false);
      if (session != null) {
            session.removeAttribute("userId");
            session.removeAttribute("userPw");
            session.removeAttribute("url");
            session.invalidate();
      }
      
      res.sendRedirect("../index.html");
}
}
0
Comment
Question by:mijia
  • 7
  • 3
11 Comments
 
LVL 1

Expert Comment

by:b3lz
ID: 12507910
session.close() ?
0
 
LVL 14

Expert Comment

by:sudhakar_koundinya
ID: 12508040
OK you can do one thing. If you are dealing all with servlets then below code works for you

package org.frb.ny.mg.icr.login;

import javax.servlet.*;
import javax.servlet.http.*;
/**
 * Insert the type's description here.
 */
public class MyServlet extends HttpServlet {
/**
 * Process incoming HTTP GET requests
 *
 * @param request Object that encapsulates the request to the servlet
 * @param response Object that encapsulates the response from the servlet
 */
public void doGet(HttpServletRequest req, HttpServletResponse res)
     throws ServletException, java.io.IOException {
         
     HttpSession session = req.getSession(false);
     if (session != null) {
          if(session.getAttribute("userId")==null)
           {
                    res.sendRedirect("../error.html");
            }
         
     }
     
   
}
}


and in error.html you shud display that user lnot logged in or something like similar message along with the link to index.html
0
 
LVL 14

Expert Comment

by:sudhakar_koundinya
ID: 12508054
if it is jsp

the the code is similar here also

<%
         if(session.getAttribute("userId")==null)
           {
                    res.sendRedirect("../error.html");
            }
%>
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 14

Expert Comment

by:sudhakar_koundinya
ID: 12508085
in the both servlet and jsps of else part you can do ur business logic or whatever it may be
0
 
LVL 1

Expert Comment

by:b3lz
ID: 12508097
If you use that, use it for EVERY page, because otherwise pages browsed to by url's are still visible. A session that is closed will not be return pages in browsercache.
0
 
LVL 14

Expert Comment

by:sudhakar_koundinya
ID: 12508155
in fact the code should be something like this

_____________________________________

JSPs
______________________________________
<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
response.setHeader("Cache-Control","no-store"); //HTTP 1.1
%>

<%
         if(session.getAttribute("userId")==null)
           {
                    res.sendRedirect("../error.html");
            }
%>












____________________________________________________

SERVLETS

_______________________________________________________


mport javax.servlet.*;
import javax.servlet.http.*;
/**
 * Insert the type's description here.
 */
public class MyServlet extends HttpServlet {
/**
 * Process incoming HTTP GET requests
 *
 * @param request Object that encapsulates the request to the servlet
 * @param response Object that encapsulates the response from the servlet
 */
public void doGet(HttpServletRequest req, HttpServletResponse res)
     throws ServletException, java.io.IOException {
 

res.setHeader("Cache-Control","no-cache"); //HTTP 1.1
res.setHeader("Pragma","no-cache"); //HTTP 1.0
res.setDateHeader ("Expires", 0); //prevents caching at the proxy server
res.setHeader("Cache-Control","no-store"); //HTTP 1.1
       
     HttpSession session = req.getSession(false);
     if (session != null) {
          if(session.getAttribute("userId")==null)
           {
                    res.sendRedirect("../error.html");
            }
         
     }
     
   
}
}
0
 
LVL 14

Expert Comment

by:sudhakar_koundinya
ID: 12508203
session.close??

Plz show me the method

http://www.spline.de/dokumentation/JAVA/j2ee/javax/servlet/http/HttpSession.html
http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpSession.html#method_summary

If session.close() exists also you can't say it prevents caching.

In fact, preventing cahching of browsers is work of response object not the session

Regards
Sudhakar

0
 
LVL 1

Expert Comment

by:b3lz
ID: 12508230
That's true, i was totally wrong. Listen to sudhakar he knows his stuff better then i do :)
0
 
LVL 14

Accepted Solution

by:
sudhakar_koundinya earned 150 total points
ID: 12508236
Or other than in login servlets or jsps in other jsps and servlets u shud do something like this


<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
response.setHeader("Cache-Control","no-store"); //HTTP 1.1
%>

<%
         if(session.isNew())
           {
                    res.sendRedirect("../error.html");
            }
%>

0
 
LVL 14

Expert Comment

by:sudhakar_koundinya
ID: 12508874
Thanks for points.

May I ask why just 'B' ??
0
 
LVL 1

Author Comment

by:mijia
ID: 12509036
Acctually, I made a mistake, instead of pointing to logout.java file, the links when I click for logout was pointing to login.jsp. that is way. I correct it. it works already. but your suggestion is good. thanks.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Java can be integrated with native programs using an interface called JNI(Java Native Interface). Native programs are programs which can directly run on the processor. JNI is simply a naming and calling convention so that the JVM (Java…
Java Flight Recorder and Java Mission Control together create a complete tool chain to continuously collect low level and detailed runtime information enabling after-the-fact incident analysis. Java Flight Recorder is a profiling and event collectio…
This tutorial covers a practical example of lazy loading technique and early loading technique in a Singleton Design Pattern.
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month16 days, 3 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question