473,320 Members | 2,071 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Jsp session problem

20
using jsp Create a sample page for login and when i enter the correct string moves to inner page and when i clicked logout it redirect to home page from there when i click the back button it goes to my inner page how to avoid that


my login page

<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="cache-request-directive" content="no-cache">
<meta http-equiv="cache-response-directive" content="must-revalidate">
</title>
</head>

<body>
<form name="f1" method="post" action="inner.jsp" />
<input type="text" name="user" id="user"/>
<input type="password" name="pass" id="pass"/>
<input type="submit" name="login" id="log" value="login"/>
</form>

</body>
</html>



innerpage

<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="cache-request-directive" content="no-cache">
<meta http-equiv="cache-response-directive" content="must-revalidate">
</title>
</head>

<body>
<%String user=request.getParameter("user");
String pass=request.getParameter("pass");
String s="aji";
session.setAttribute("user",user);

if(user.compareTo(s.toString()) >0)
{
response.sendRedirect("index.jsp");
}
else
{
String username=session.getAttribute("user").toString();
out.print(username);
}
%>
<form action="temp.jsp">
<input type="submit" value="logout" />
</form>
</body>
</html>

3ed page
<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="cache-request-directive" content="no-cache">
<meta http-equiv="cache-response-directive" content="must-revalidate">
</title>
</head>

<body>
<%session.invalidate();
response.sendRedirect("index.jsp"); %> <br>
</body>
</html>
Dec 1 '09 #1
3 5631
1. Ensure that all the internal pages has pragma no-cache tag.
2. As soon as u log out redirect the page. Redirect means to put it should add meta http-equiv=refresh tag in the output page.
3. All internal pages should be in session scope.
4. When logout is done remove the session.
Dec 1 '09 #2
ajeeshc
20
i tried bcoz i am biginner i cant get u completely could you pls give explanation with code.Any way thank u for spending time for solving my problem
Dec 2 '09 #3
1. Ensure that all the internal pages has pragma no-cache tag.
Every html page can get cached in local browser of user. To ensure that revisiting the page is fetched from server you have to set pragma no-cache.
Please insert following tags in your page at top.
<%
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader ("Expires", -1);
%>

Refer the following link for further reference. http://www.rgagnon.com/javadetails/java-0590.html


2. As soon as u log out redirect the page. Redirect means to put it should add meta http-equiv=refresh tag in the output page.
Which page do you show after you sucessfully logout. Lets say its logout.jsp.
In that logout.jsp you put following code.
<meta http-equiv="refresh" content="10;URL=login.jsp">
This will reload with redirect after 10 seconds.. This ensures that even if user does back he is redirected to login page.
You can reduce the seconds from 10 to something lesser.



3. All internal pages should be in session scope.
4. When logout is done remove the session.
For creating and removing session please refer to the example
.

http://www.roseindia.net/quickguide/tomcat/Logout.shtml

You have to do all the above steps to ensure its full proof solution.

-Samrat Dhamale
http://samratdhamale.blogspot.com/
Dec 2 '09 #4

Sign in to post your reply or Sign up for a free account.

Similar topics

7
by: Billy Jacobs | last post by:
I am having a problem with my session variable being set to Null for no apparent reason. I am declaring it like the following when the user logs in. dim objUserInfo as new clsUserInfo 'Set...
1
by: Scott Wickham | last post by:
I'm having a problem saving session information on one form and retrieving it on a subsequent form...for only one out of a number of users. Actually, I'm not absolutely certain it's a session...
6
by: Lina Manjarres | last post by:
Hello, I have a session variable in a login page. Then I go to a form page where I uses the ProfileID and the UserID. Then I go to a result page where I would like to use the UserID as a filter,...
7
by: Ottar | last post by:
I've made a program sorting incomming mail in public folder. The function runs every minute by using the form.timer event. In Access XP it runs for weeks, no problem. Access 2003 runs the same...
5
by: Mark Rodrigues | last post by:
Hi Everyone, I have been fighting a problem for a while and I wonder if someone out there can help. This problem has been presented in a number of news postings previously but I am yet to see a...
9
by: William LaMartin | last post by:
I have a problem, mentioned here before, of Session and Application variables disappearing at one site but not at others or on my development computer. The problem is illustrated by an example...
1
by: Werner | last post by:
Hi Patrick! Can you give an example of how to use a frameset inside an aspx-file? When I create a new frameset in Visual Studio.Net it just gives me a htm-File. Or give me a link where I can...
1
by: Johan Nedin | last post by:
Hello! I have a problem with SQLSession state on my ASP.NET pages. SQLSession state behaves very different from InProcess session state, which I think is very bad. I can understand some of...
5
by: Just D. | last post by:
Do we have any access to the Session object from a different Session? The idea is to save Session of a current user and then if he logs in again then return the Session back. It's not a problem to...
7
by: Mr Newbie | last post by:
I have written a Custom Control Menu. Its fairly simple but it works well enough. In order to simplify things I decided to store the Menu1 custom control in Session. In the page load event below,...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.