Results 1 to 1 of 1
  1. #1
    Join Date
    Feb 2003

    Unanswered: session invalidate

    I have a servlet application which uses HttpSession to store session values. I am having problem
    invalidating the session. After logout i am able to access the application by clicking the browsers
    back button and refreshing the page.
    Let me explain the application flow.

    loginpage.html---> LogonServlet------------------->menuservlet

    LogonServlet---> (checks for the validity of username and password. If Login succeded directs to menuservlet)
    menuservlet----> (this page has 2 buttons which directs to two [page1.html & page2.html] page. Also has a button to logout. Logout buttons directs to the LogoutServlet.)

    Case 1
    c)Browser "Back" --->loginpage

    Case 2
    a) loginpage.html--->logonServlet-->menuservlet-->logout-->loginpage
    b) Browser "Back" Button--> displays page with error message
    ("Warning Page has Expired". To resubmit your information and view this Web page, click the Refresh button)
    c) Refresh the page->menuservlet

    Case 1 scenario works fine. But in the second scenario on clicking the browser back
    button it takes me to the menuservlet instead of login.html

    I am using following code in the LogoutServlet.I also tried to give session.putValue(<variableName>,null)

    if(session!= null)

    I am checking the session validity in menuservlet everytime it relaods..

    if(session.getValue() == null)

    Also i am using the following code in all those pages
    which i don't want to cache (menuservlet).


    Can anybody explain what's wrong here?
    Last edited by newbie03; 02-14-03 at 11:54.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts