By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,469 Members | 1,885 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,469 IT Pros & Developers. It's quick & easy.

Servlets + Jsp

100+
P: 157
Hi all, I m a newbie and new to this site as well, I am working on a webapplication using Servlets,Jsp and JavaScript..the user logs into my application and after finishing his task he logs out,but even after logging out i.e(session.invalidate()) by saying back he can see the previous page when in turn he should be getting a 'you are logged out' or 'session expired message' ..can anyone help me with this ...Thanks in advance!
Dec 30 '06 #1
Share this Question
Share on Google+
2 Replies


Shanaj
P: 51
Hi all, I m a newbie and new to this site as well, I am working on a webapplication using Servlets,Jsp and JavaScript..the user logs into my application and after finishing his task he logs out,but even after logging out i.e(session.invalidate()) by saying back he can see the previous page when in turn he should be getting a 'you are logged out' or 'session expired message' ..can anyone help me with this ...Thanks in advance!
hello,

just try this

<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
response.setHeader("Cache-Control","no-store"); //HTTP 1.1
%>

<%
if(session.getAttribute("userId")==null)
{
res.sendRedirect("../error.html");
}
%>
Jan 2 '07 #2

100+
P: 157
Hi Shanaj,

Thanx fr replyin, but actually i'd already used these headers in my page, still not working. I have designed my page using Front-page so I hd jst set these headers as Meta tags with the 'HTTP-EQUIV' attribute..and in my Jsp I'm just checking the session obj , as far the processing is concerned , all that is done in a Servlet,

The thing is that I've a webappln in wich a user after logging in fills up certain subscriptions and there is a 'logout' link on every page,on clicking it the user's session is invalidated saying session.invalidate() . Then on all the pages I just check if the session = null , if yes then the user should be redirected back to the home-page..but the thing is that on saying back the control doesn't even go into the scriptlet in order to chek this..it just directly displays the previous page ...and thus u cn see all the previous pages just by saying 'previous' and 'forward'. I' m still working on it and as a temp solution I've disabled the ''back' button thru JavaScript.
-------------------------------------------------------------------------------------------------------------------




hello,

just try this

<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
response.setHeader("Cache-Control","no-store"); //HTTP 1.1
%>

<%
if(session.getAttribute("userId")==null)
{
res.sendRedirect("../error.html");
}
%>
Jan 4 '07 #3

Post your reply

Sign in to post your reply or Sign up for a free account.