Invalidating session in jsp
Hi, I'd like to know how to prevent users from skipping my site's pages simply typing the address in the URL location.
I'd like to know also how to prevent users to come back with the browser's back button once they have logged out (invalidating session? In a few words, I'd like to be able to control which pages a user can visit and which he cannot. I'm having a lot of problems finding some docs that could explain to me how to do that.
(I cannot have a page to invalidate the session there). If I want to do it in the bean how would I be able to do that ??
Please provide the code for invalidating the session (any way except for using the logout as a different jsp page), so that if a user logs out , he would not be able to directly enter the jsp page.
At max: You can make a poll from page(may be header) same as gtalk in gmail as soon as connection closes wipe that session out.
No I don't believe you can do that as there are no hooks available in the browser to get it to send a disconnect notification (of some sort) when it closes and I don't think there is a server-side mechanism to interrogate recent sessions to test their connection status.
You need to add Cache headers which does not allow browser to cache page.
Hi , I am having a logout link when clicked it redirects to the page.
I have to invalidate the session when the logout link is clicked.
To avoid this problem you can follow the below steps.
I have a jsp servlet based application, with session time out of 30 mins, I want to invalidate the session as soon as a person closes the browser window intentionally or accidentally (OS shutdown/close from tast manager/powerdown) Can I put a check for that and invalidate the session? There are some browsers which provide this setting as their preference , but you can't handle this programitically.
But i keep getting error when i try to access the session.