Jsp session problem

using jsp Create a sample page for login and when i enter the correct string moves to inner page and when i clicked logout it redirect to home page from there when i click the back button it goes to my inner page how to avoid that

my login page
<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="cache-request-directive" content="no-cache">
<meta http-equiv="cache-response-directive" content="must-revalidate">
</title>
</head>

<body>
<form name="f1" method="post" action="inner.jsp" />
<input type="text" name="user" id="user"/>
<input type="password" name="pass" id="pass"/>
<input type="submit" name="login" id="log" value="login"/>
</form>

</body>
</html>

innerpage
<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="cache-request-directive" content="no-cache">
<meta http-equiv="cache-response-directive" content="must-revalidate">
</title>
</head>

<body>
<%String user=request.getParameter("user");
String pass=request.getParameter("pass");
String s="aji";
session.setAttribute("user",user);

if(user.compareTo(s.toString()) >0)
{
response.sendRedirect("index.jsp");
}
else
{
String username=session.getAttribute("user").toString();
out.print(username);
}
%>
<form action="temp.jsp">
<input type="submit" value="logout" />
</form>
</body>
</html>

3ed page
<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="cache-request-directive" content="no-cache">
<meta http-equiv="cache-response-directive" content="must-revalidate">
</title>
</head>

<body>
<%session.invalidate();
response.sendRedirect("index.jsp"); %> <br>
</body>
</html>

Dec 1 '09 #1

Subscribe Post Reply

5640

bksamrat

1. Ensure that all the internal pages has pragma no-cache tag.
2. As soon as u log out redirect the page. Redirect means to put it should add meta http-equiv=refresh tag in the output page.
3. All internal pages should be in session scope.
4. When logout is done remove the session.

Dec 1 '09 #2

ajeeshc

i tried bcoz i am biginner i cant get u completely could you pls give explanation with code.Any way thank u for spending time for solving my problem

Dec 2 '09 #3

bksamrat

1. Ensure that all the internal pages has pragma no-cache tag.
Every html page can get cached in local browser of user. To ensure that revisiting the page is fetched from server you have to set pragma no-cache.
Please insert following tags in your page at top.
<%
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader ("Expires", -1);
%>

Refer the following link for further reference. http://www.rgagnon.com/javadetails/java-0590.html

2. As soon as u log out redirect the page. Redirect means to put it should add meta http-equiv=refresh tag in the output page.
Which page do you show after you sucessfully logout. Lets say its logout.jsp.
In that logout.jsp you put following code.
<meta http-equiv="refresh" content="10;URL=login.jsp">
This will reload with redirect after 10 seconds.. This ensures that even if user does back he is redirected to login page.
You can reduce the seconds from 10 to something lesser.

3. All internal pages should be in session scope.
4. When logout is done remove the session.
For creating and removing session please refer to the example
.

http://www.roseindia.net/quickguide/tomcat/Logout.shtml

You have to do all the above steps to ensure its full proof solution.

-Samrat Dhamale
http://samratdhamale.blogspot.com/

Dec 2 '09 #4

Similar topics

Loosing Session Variable

by: Billy Jacobs | last post by:

I am having a problem with my session variable being set to Null for no apparent reason. I am declaring it like the following when the user logs in. dim objUserInfo as new clsUserInfo 'Set...

.NET Framework

Why is Session working for all users except one?

by: Scott Wickham | last post by:

I'm having a problem saving session information on one form and retrieving it on a subsequent form...for only one out of a number of users. Actually, I'm not absolutely certain it's a session...

.NET Framework

Session variables

by: Lina Manjarres | last post by:

Hello, I have a session variable in a login page. Then I go to a form page where I uses the ProfileID and the UserID. Then I go to a result page where I would like to use the UserID as a filter,...

ASP / Active Server Pages

Bug in Access 2003 ? Error after 380 CreateObject("MAPI.Session")

by: Ottar | last post by:

I've made a program sorting incomming mail in public folder. The function runs every minute by using the form.timer event. In Access XP it runs for weeks, no problem. Access 2003 runs the same...

Microsoft Access / VBA

Postback lossing Session values?

by: Mark Rodrigues | last post by:

Hi Everyone, I have been fighting a problem for a while and I wonder if someone out there can help. This problem has been presented in a number of news postings previously but I am yet to see a...

ASP.NET

Session and Application Variables dissappearing

by: William LaMartin | last post by:

I have a problem, mentioned here before, of Session and Application variables disappearing at one site but not at others or on my development computer. The problem is illustrated by an example...

ASP.NET

Losing Session State

by: Werner | last post by:

Hi Patrick! Can you give an example of how to use a frameset inside an aspx-file? When I create a new frameset in Visual Studio.Net it just gives me a htm-File. Or give me a link where I can...

ASP.NET

SQLSession vs InProcess Session State object references problem (C#)

by: Johan Nedin | last post by:

Hello! I have a problem with SQLSession state on my ASP.NET pages. SQLSession state behaves very different from InProcess session state, which I think is very bad. I can understand some of...

ASP.NET

Session[]

by: Just D. | last post by:

Do we have any access to the Session object from a different Session? The idea is to save Session of a current user and then if he logs in again then return the Session back. It's not a problem to...

ASP.NET

Session Madness

by: Mr Newbie | last post by:

I have written a Custom Control Menu. Its fairly simple but it works well enough. In order to simplify things I decided to store the Menu1 custom control in Session. In the page load event below,...

ASP.NET

Merging data from multiple Excel files

by: ryjfgjl | last post by:

In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...

Data Management

Navigating the Data Structures and Algorithms (DSA)

by: BarryA | last post by:

What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...

Algorithms / Advanced Math

Is that possible of reading the .csv file in column wise and the column have different lengths ?

by: Sonnysonu | last post by:

This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...

C / C++

How to build RAID in BIOS?

by: Hystou | last post by:

There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...

Computer Hardware

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...

General

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...

Windows Server

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...

Windows Server

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...

General

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...

Career Advice