Hi all,
I am developing a web application. I am using Servlet and JSP. After logout the user should not able to see the previous pages and page should navigate to loginpage.jsp.
I have used following code : -
<%
-
session.invalidate();
-
response.setHeader("Cache-Control","no-cache");
-
response.setHeader("Cache-Control","no-store");
-
response.setDateHeader("Expires", 0);
-
response.sendRedirect("home.jsp");
-
%>
and - <meta http-equiv=[COLOR=red]"cache-control"[/COLOR] content=[COLOR=red]"max-age=0, must-revalidate, no-cache, no-store, private"[/COLOR]>
-
<meta http-equiv=[COLOR=red]"expires"[/COLOR] content=[COLOR=red]"-1"[/COLOR]>
-
-
<meta http-equiv=[COLOR=red]"pragma"[/COLOR] content=[COLOR=red]"no-cache"[/COLOR]>
The problem is:
Once user click on logout hyper link the page is reforwarding to loginpage.jsp and
after clicking back button the session expire message is coming, but if user again and
again click on back button the user is able to see previous to previous page.which i dont want,
Solution for:
If user click on logout hyper link,all previous browsed pages or history should be
clear and page should redirect to Loginpage.jsp.
Please help me,
Thanks in advance.
5 54041
Use a frameset.
The outer frame is invisible and holds the inner frame.
So all browsing is done in the inner frame, which shows your application page. When logging out, the inner frame just makes a javascript command to reload the outer frame with url-parameter=login .
So for example if a user comes from google page to your application page, he will be able to move forward and backward, because it all happens inside the inner frame. But if he logs out, the inner frame is destroyed, so if he presses back button, he comes back to google page, and go forward is not possible anymore.
Hi vinodsk101.
You need to prevent pages from caching by browser. Put "no cache" statements in all pages/servlets.
- --------------------------------index.jsp starts-------------
-
<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>
-
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-
<html>
-
<head>
-
<title>My JSP 'index.jsp' starting page</title>
-
</head>
-
<body>
-
<%request.getSession().setAttribute("user", "Naveen Kumar Vodapally");%>
-
<br>
-
<input type='button' value='login' onClick="javascript:location.href = 'MyJsp.jsp'"/>
-
</body>
-
</html>
-
-------------------------------MyJsp.jsp starts------------------------
-
<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>
-
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-
<html>
-
<head>
-
<title>My JSP 'MyJsp.jsp' starting page</title>
-
<%response.setHeader("Cache-Control", "no-cache");
-
response.setHeader("Cache-Control", "no-store");
-
response.setHeader("Pragma", "no-cache");
-
response.setDateHeader("Expires", 0);%>
-
</head>
-
<body>
-
<%String u = (String) request.getSession().getAttribute("user");
-
if (u != null ) {
-
System.out.println("user != null");
-
out.print("Welcome "+u);
-
}else{
-
System.out.println("user == null");
-
response.sendRedirect("logout.jsp");
-
}%>
-
This is my JSP page. <br>
-
<input type='button' value='log out' onClick="javascript:location.href = 'logout.jsp'"/>
-
</body>
-
</html>
-
--------------------------------logout.jsp starts----------------------
-
<% @ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>
-
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-
<html>
-
<head>
-
<title>My JSP 'logout.jsp' starting page</title>
-
</head>
-
<body>
-
<%request.getSession().setAttribute("user", null);%>
-
Your session has expired. Click <a href='index.jsp'>here</a> to login again.<br>
-
</body>
-
</html>
POST REDIRECT AND GET (PRG) APPROACH
--------------------------index.jsp starts-------------------
<META HTTP-EQUIV="Refresh" CONTENT="0;URL= welcomeLink.act ion">
----------------------baseLayout.jsp starts-----------
<%@ taglib uri="http://tiles.apache.or g/tags-tiles" prefix="tiles" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<table border="1" align="center" width="400px;">
<tr>
<td height="30" colspan="2">
<tiles:insertAt tribute name="myHeader" />
</td>
</tr>
<tr>
<td>
<tiles:insertAt tribute name="myBody" />
</td>
</tr>
<tr>
<td>
<tiles:insertAt tribute name="myFooter" />
</td>
</tr>
</table>
--------------------head.jsp starts------------
<%@ taglib prefix="s" uri="/struts-tags" %>
<center>
<h4> Header </h4>
----------------------body.jsp starts ------------
<%@ page language="java" import="java.ut il.*" pageEncoding="I SO-8859-1"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'index.jsp' starting page</title>
</head>
<body>
<br>
<form action="loginLi nk.action" method='post'>
<input type='text' name='user' value='naveen'/>
<input type='submit' name='login' value='Login'/>
</form>
</body>
</html>
---------------------struts.xml starts ----------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.o rg/dtds/struts-2.0.dtd">
<struts>
<package name="default" extends="struts-default">
<result-types>
<result-type name="tiles" class="org.apac he.struts2.view s.tiles.TilesRe sult" />
</result-types>
<action name="*Link" method="{1}" class="java4s.L ogingEx">
<result name="welcome" type="tiles">we lcome</result>
<result name="editBusin ess" type="tiles">ed itBusiness</result>
<result name="success" type="tiles">su ccess</result>
<result name="expire" type="tiles">ex pire</result>
<result name="logout" type="tiles">lo gout</result>
</action>
</package>
</struts>
-------------------------tiles.xml starts -----------
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE tiles-definitions PUBLIC
"-//Apache Software Foundation//DTD Tiles Configuration 2.0//EN"
"http://tiles.apache.or g/dtds/tiles-config_2_0.dtd" >
<tiles-definitions>
<definition name="welcome" template="/baseLayout.jsp" >
<put-attribute name="myHeader" value="/head.jsp"/>
<put-attribute name="myBody" value="/body.jsp"/>
<put-attribute name="myFooter" value="/footer.jsp"/>
</definition>
<definition name="editBusin ess" extends="welcom e">
<put-attribute name="myBody" value="/editBusiness.js p"/>
</definition>
<definition name="success" extends="welcom e">
<put-attribute name="myBody" value="/success.jsp"/>
</definition>
<definition name="logout" extends="welcom e">
<put-attribute name="myBody" value="/logout.jsp"/>
</definition>
<definition name="expire" extends="welcom e">
<put-attribute name="myBody" value="/expire.jsp"/>
</definition>
</tiles-definitions>
-----------------------LogingEx.java starts --------------
package java4s;
import javax.servlet.h ttp.HttpServlet Request;
import javax.servlet.h ttp.HttpServlet Response;
import org.apache.stru ts2.ServletActi onContext;
import com.opensymphon y.xwork2.Action Support;
public class LogingEx extends ActionSupport {
private static final long serialVersionUI D = -261342589076256 8273L;
private String user;
private String rdto;
public String welcome()
{
LOG.info("insid e welcome()");
return "welcome";
}
public String login() throws Exception{
LOG.info("start login()");
if(user != null){
HttpServletRequ est request = ServletActionCo ntext.getReques t();
request.getSess ion().setAttrib ute("user", user);
HttpServletResp onse response = ServletActionCo ntext.getRespon se();
response.sendRe direct("success Link.action");
}
LOG.info("end login()");
return null;
}
public String success(){
LOG.info("start success()");
HttpServletResp onse response = ServletActionCo ntext.getRespon se();
response.setHea der("Cache-Control", "no-cache");
response.setHea der("Cache-Control", "no-store");
response.setHea der("Pragma", "no-cache");
response.setDat eHeader("Expire s", 0);
setRdto("rdto1" );
LOG.info("end success()");
return "success";
}
public String logout(){
return "logout";
}
public String expire(){
return "expire";
}
public String getRdto() {
return rdto;
}
public void setRdto(String rdto) {
this.rdto = rdto;
}
public String getUser() {
return user;
}
public void setUser(String user) {
this.user = user;
}
}
-----------------------success.jsp starts---------------
<%@ page language="java" contentType="te xt/html; charset=ISO-8859-1"
pageEncoding="I SO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
<%
session.setMaxI nactiveInterval (5);
int timeout = session.getMaxI nactiveInterval ();
response.setHea der("Refresh", timeout + "; URL = logout.jsp");%>
</head>
<body>
<%String u = (String) request.getSess ion().getAttrib ute("user");
if (u == null ){
String path = request.getCont extPath();
%>
<script>
window.location .href='<%=path% >/expireLink.acti on';
</script>
<%}
out.print("Welc ome "+u);
out.println("<i nput type='button' value='log out' onClick=\"javas cript:location. href = 'logoutLink.act ion'\"/>");%>
</body>
</html>
------------------------logout.jsp starts ----------------
<%@ page language="java" import="java.ut il.*" pageEncoding="I SO-8859-1"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'logout.jsp' starting page</title>
</head>
<body>
<%request.getSe ssion().setAttr ibute("user", null);%>
Logged out successfully. Click <a href='index.jsp '>here</a> to login again.<br>
</body>
</html>
-----------------expire.jsp starts--------------
<%@ page language="java" import="java.ut il.*" pageEncoding="I SO-8859-1"%>
<%
String path = request.getCont extPath();
String basePath = request.getSche me()+"://"+request.getSe rverName()+":"+ request.getServ erPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePa th%>">
<title>My JSP 'expire.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords " content="keywor d1,keyword2,key word3">
<meta http-equiv="descript ion" content="This is my page">
<!--
<link rel="stylesheet " type="text/css" href="styles.cs s">
-->
</head>
<body>
Your session has expired. Click <a href='index.jsp '>here</a> to login again.<br>
</body>
</html>
Sign in to post your reply or Sign up for a free account.
Similar topics |
by: Jeff |
last post by:
I've searched the web for hours trying to figure out this problem and
can't seem to find any pertinent answers. I have a website where the
user starts on a login page, puts in their credentials and hits a
submit button, which then takes the user to a 2nd PHP page which simply
runs PHP code that checks the user's credentials from my database, and
if authenticated creates a session, assigns a few session variables
(including a session...
|
by: Dmitri Shvetsov |
last post by:
Hi All,
Is it possible to disable the backspace button in browser? I wrote a login
page, then after login I can allow the user to work in the session. I don't
want to allow the user to return back using browser features. If he needs to
return back he could press a designed button. Using the standard Backspace
button can destroy the usual flow of the program and database filling, even
cause some problems on the login page if the user...
|
by: va |
last post by:
I am using the forms authentication. After clicking on the logout button, I
navigate to the default page. But I noticed the user can hit the back button
and go back to the previous page nd continue working. I would've thought
that logging out using loginstatus would expire the pages, no?
Is there something else I should be doing?
|
by: crescent_au |
last post by:
Hi all,
I've written a login/logout code. It does what it's supposed to do but
the problem is when I logout and press browser's back button (in
Firefox), I get to the last login page. In IE, when I press back
button, I get to the page that says "Page has Expired" but Firefox does
not do this.
I think it's something to do with sessions not properly unset or
something like that but I haven't been able to figure it out. I am
|
by: kamill |
last post by:
I have done a logout page for logout from admin section and provides a link to logout from admin section.Whenever i clicked on logout link it redirected to index.php of admin section......BUT when i am tring to go back threw back button of Browser....it send me last visted pages(means sessons not expire properly). How can i solve it... One more thing is that the script is working properly on localhost....problem occures when i uploaded it on...
| |
by: roshni86 |
last post by:
I have the following code for a logout of an account in php.However it is not working,as when i press the "back" button,the page returns to the previous page where a user had signed and viewed.
<?php
//start the session
session_start();
//check to make sure the session variable is registered
if(session_is_registered('userid')){
//session variable is registered, the user is ready to logout
|
by: shrik |
last post by:
hi everybody.
I have following problem.
There are two pages. index.jsp and main.jsp in my application
Index.jsp contains logging interface in .
It submits password and userid to loginform bean.
following are entries in struts-config.xml file
<action input="index.jsp" name="loginform" path="/login" scope="session" type="com.myapp.struts.loginaction">
<forward name="success" path="/main.jsp"/>
|
by: romeo971987 |
last post by:
disable back button..... page should no do postback...
i used history.go, history.back, session.abandon...and many more...but still previous page shows.... help me to expire the previous page.......
|
by: shahidrasul |
last post by:
hi
in my project when i click on logout anchor it goes to logout page and my code in logout page is
if (Session != null)
{
Session = null;
Session.Abandon();
Response.Clear();
FormsAuthentication.SignOut();
Response.Redirect("login.aspx");
}
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
| |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |