Discussions
Categories
- 385.5K All Categories
- 4.9K Data
- 2.5K Big Data Appliance
- 2.4K Data Science
- 453.4K Databases
- 223.2K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 47 Multilingual Engine
- 606 MySQL Community Space
- 486 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3.2K ORDS, SODA & JSON in the Database
- 585 SQLcl
- 4K SQL Developer Data Modeler
- 188K SQL & PL/SQL
- 21.5K SQL Developer
- 46 Data Integration
- 46 GoldenGate
- 298.4K Development
- 4 Application Development
- 20 Developer Projects
- 166 Programming Languages
- 295K Development Tools
- 150 DevOps
- 3.1K QA/Testing
- 646.7K Java
- 37 Java Learning Subscription
- 37.1K Database Connectivity
- 201 Java Community Process
- 108 Java 25
- 22.2K Java APIs
- 138.3K Java Development Tools
- 165.4K Java EE (Java Enterprise Edition)
- 22 Java Essentials
- 176 Java 8 Questions
- 86K Java Programming
- 82 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 208 Java User Groups
- 25 JavaScript - Nashorn
- Programs
- 667 LiveLabs
- 41 Workshops
- 10.3K Software
- 6.7K Berkeley DB Family
- 3.6K JHeadstart
- 6K Other Languages
- 2.3K Chinese
- 207 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 474 Portuguese
Session does not work

988497
Member Posts: 1
Previous page can be seen even after user logs out from the JSP page.
My code is:
Logout.jsp:
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP Page</title>
</head>
<body>
<%
session.removeAttribute("username");
session.removeAttribute("password");
session.invalidate();
%>
<% response.setHeader("Cache-Control","no-cache");%>
<h1>Logout was done successfully.</h1>
</body>
</html>
how to resolve this?
My code is:
Logout.jsp:
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP Page</title>
</head>
<body>
<%
session.removeAttribute("username");
session.removeAttribute("password");
session.invalidate();
%>
<% response.setHeader("Cache-Control","no-cache");%>
<h1>Logout was done successfully.</h1>
</body>
</html>
how to resolve this?
Answers
-
Typically you would configure a filter that sends the user to the login page if they are not logged in (or have been logged out) .
So when the user logs in, add their user name to the session as an attribute. When they log out remove the userName attribute from the session.
Then all the filter does is check if userName attribute is set. If it is not set it redirects to the login page. -
Coming to your code you have requested the browser not to cache the logout page but the previous pages are cached so when u hit the previous button on the browser it will display the previous page which is cached. you have to write this
<% response.setHeader("Cache-Control","no-cache");%>
in every jsp page if none of the jsp page should be cached. if you are making a fresh request for the previous jsp page after logging out still it displays the page with no personal content, I mean the stuff that you are retrieving from the session. it is because you have destroyed the session by linvalidating it. The other content which does not relate to session will still be displayed.
If none of the page should be displayed after logging out even though you request use filters to divert all the requests to a login page if they are not logged in. hope this helps.
Edited by: EJP on 7/02/2013 09:13: cashed -> cached
This discussion has been closed.