struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Amleto Di Salle" <disa...@di.univaq.it>
Subject R: R: Back Browser Button After Logout and Reload so that continue working
Date Thu, 24 Jun 2004 15:10:31 GMT
You are right! :-)
 
But if you don't use the jsp directly (i.e. the application URLs
"points" always to an Action) and the Action "validate" the user you
don't have to use the auto-session creation in the jsp pages.
 
BR
/Amleto

-----Messaggio originale-----
Da: DGraham@EvergreenInvestments.com
[mailto:DGraham@EvergreenInvestments.com] 
Inviato: giovedì 24 giugno 2004 17.01
A: Struts Users Mailing List
Oggetto: Re: R: Back Browser Button After Logout and Reload so that
continue working



In addtion, you might want to disable auto-session creation on some/all
of your pages:
http://javaalmanac.com/egs/javax.servlet.jsp/nosession.html?l=new 

Dennis 






"Amleto Di Salle" <disalle@di.univaq.it> 


06/24/2004 10:53 AM 


Please respond to
"Struts Users Mailing List" <user@struts.apache.org>



To
"'Struts Users Mailing List'" <user@struts.apache.org> 

cc

Subject
R: Back Browser Button After Logout and Reload so that continue working

	




Hi,
one possible solution is to invalidate the session inside the
"LogoffAction".

       HttpSession session = httpServletRequest.getSession( false );
       if ( session != null ) {
           session.invalidate();
       }

If you have already done and the problem remains, maybe you are using
HttpServletRequest.getSession() method (or getSession(true)) inside the
Actions (or "BaseAction" if you use a base class for your all actions,
in order to validate the users).

BR
/Amleto


-----Messaggio originale-----
Da: Ricardo Andres Quintero [mailto:rquintero@ubiquando.com.co] 
Inviato: giovedì 24 giugno 2004 15.41
A: user@struts.apache.org
Oggetto: Back Browser Button After Logout and Reload so that continue
working


Hello my friends
Followed i attach a message i found in the internet.
I have found some conceptual solutions about this problem,
but i DO need an example that works to solve it.

The conceptual solution talks about a token syncronizer. I don't know
how to write it.

Thank you in advanced.

<%-- THE PROBLEM --%>

Hello,

I used Struts to develop a web app which has a login form to permit
access to different functionnalities via a menu page. I use a session
var I set at login to check if the user has not logged out. The problem
that I have is, once I do the logoff, if I use the Back button of the
browser to the menu page and do a refresh a new session gets created and
I'm able to use the app. I have a filter to do the verification but I
tried before doing it in each Action and I have the same problem. I
don't access .jsp pages directly, I have an Action for each of them. I
read some posts but none seems to talk about my specific problem.

It sounds like a begginer caveat but I have no idea what should I do or
what am I doing wrong. Any help appreciated,

Cezar

<%-- END OF THE PROBLEM --%>


--
Ricardo Andrés Quintero R.
Ubiquando Ltda.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org





Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message