View Feed
group-icon
Coffee Room
Discuss anything here - everything that you wish to discuss with fellow engineers.
12915 Members
Join this group to post and comment.
TheV
TheV • Mar 31, 2012

Login / Logout Problems WEB APPLICATION

Hello Friends, I am working in student database management system a web application in j2ee. I have a problem with Login and Logout. When I Login into my profile on authentication then my profile page is visible but on press back button its goes to SignIn page again, but I want to make it to stay on the same profile page (As in facebook) even back button is pressed.

Same with the logout its goes to home page and on back button press it comes into the profile page without authentication.
Can anyone please tell me with this login and logout to work properly. Examples will be highly appreciated..
Thank you.
gaurav.bhorkar
gaurav.bhorkar • Mar 31, 2012
Well I don't code in Java, but in PHP I would redirect the user to the profile page.

In the beginning of your Login page check whether the user is already logged in (by checking the session variable or cookies). If already logged in then redirect the user to another page (profile page).

Search google for how to redirect to another page
Anoop Kumar
Anoop Kumar • Apr 1, 2012
are you invalidating session at time of logout??
just invalidate session on login page and logout page, and delete all catch and cookies.
in jsp use session.invalidate(). you need to first check weather any session exists or not.
One common problem in the web is, it is cached. So, when you press back, the web browser will show the cached page. If you refresh, and if you have given the condition, that when a logged in person comes to login page, it should take him to the home page, then it happens when you refresh the login page.

If not, you need to send an instruction to the browser not to cache the login page, thereby, it requests a fresh page, where it takes you to the logged in home page.

Hope this helps you! 😀
TheV
TheV • Apr 1, 2012
Yes I had invalidated the session after logout.. But I think Praveen Kumar is saying it right - a cache problem. Can you please tell me how to tell browser not to cache the login page. Can I clear the cache from the code in servlet.
TheV
Yes I had invalidated the session after logout.. But I think Praveen Kumar is saying it right - a cache problem. Can you please tell me how to tell browser not to cache the login page. Can I clear the cache from the code in servlet.
Just give the option no-cache from teh server side...
greatcoder
greatcoder • Apr 1, 2012
Hi,
I think what you can do is:

1) Clear the Cache using the no-cache option.
2) For logout, destroy the session using session.invalidate() and for login page also u can use response.sendRedirect() method to redirect the user back to the login page once he clicks the back button.

Regards
GC
TheV
TheV • Apr 1, 2012
Thank you .... !! I will try and let you people know..!
Anoop Kumar
Anoop Kumar • Apr 1, 2012
If you already invalidated the session and pressing back button lands you on the previous page that mean you are not checking the session valididy on each page/request.
you should check session at each page/request and if not found redirect request to login page.
TheV
TheV • Apr 3, 2012
Thank you everyone.. I got some success in the concern. but ianoop even I validated the session check on each page and using redirection to the Login page.It is not redirected and showing me invalid index error.
Giving the code down.

<%!
String username;
%>
<%
username = (String)session.getAttribute("username");
if(username == null ){
System.out.println("inside");
response.sendRedirect("Login.html");
}
Connection con = ConnectDB.createConn();
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery("Select name,adminship from account where user_name ='"+ username +"'");
rs.next();
%>

here System.out.println("inside"); get printed(after pressing back button) but then also it is not redirected to the login.html page..(clear cache and all code are written in the page)
Help me out please..
Anoop Kumar
Anoop Kumar • Apr 3, 2012
I never seen invalid index error on jsp.
i found about this only on this page .
Rest you are doing wrong is username = (String)session.getAttribute("username");
here if session is null then it will not able to cast it to String.
you should do like this ie: ternary operation

username = session.getAttribute("username") !=null ? session.getAttribute("username") :"";
after it check whether username is valid or not.
While developing jsp's , In case you stuck somewhere first clean the history of browser and delete work directory of server. and try to re-deploy.
I hope it will work.
See guys, this is a PHP snippet, doing the same thing of no cache and requesting page fresh. Try to convert it to JSP:
php
  header
("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
  
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
?>
TheV
TheV • Apr 3, 2012
Problem solved .. 😀 Thankyou everyone.. What I did is I make one jsp page which is called after logout. From this jsp page I did nothing but redirect to Login.html page. Now if the user press back button the jsp page is reload as I cleared the cache and history stuff from the page. In this jsp page I check for authentication, if not authenticated it redirect to Login page. No need of checking the authentication in each and every page.
My application running fine but can it create any further problem which is I'm not aware of . If yes please let me know.

Share this content on your social channels -