TheV
TheV
Branch Unspecified
31 Mar 2012

Login / Logout Problems WEB APPLICATION

Hello Friends, I am working in student database management system a web application in j2ee. I have a problem with Login and Logout. When I Login into my profile on authentication then my profile page is visible but on press back button its goes to SignIn page again, but I want to make it to stay on the same profile page (As in facebook) even back button is pressed.

Same with the logout its goes to home page and on back button press it comes into the profile page without authentication.
Can anyone please tell me with this login and logout to work properly. Examples will be highly appreciated..
Thank you.
gaurav.bhorkar

gaurav.bhorkar

Branch Unspecified
31 Mar 2012
Well I don't code in Java, but in PHP I would redirect the user to the profile page.

In the beginning of your Login page check whether the user is already logged in (by checking the session variable or cookies). If already logged in then redirect the user to another page (profile page).

Search google for how to redirect to another page
Anoop Kumar

Anoop Kumar

Branch Unspecified
01 Apr 2012
are you invalidating session at time of logout??
just invalidate session on login page and logout page, and delete all catch and cookies.
in jsp use session.invalidate(). you need to first check weather any session exists or not.
01 Apr 2012
One common problem in the web is, it is cached. So, when you press back, the web browser will show the cached page. If you refresh, and if you have given the condition, that when a logged in person comes to login page, it should take him to the home page, then it happens when you refresh the login page.

If not, you need to send an instruction to the browser not to cache the login page, thereby, it requests a fresh page, where it takes you to the logged in home page.

Hope this helps you! 😀
TheV

TheV

Branch Unspecified
01 Apr 2012
Yes I had invalidated the session after logout.. But I think Praveen Kumar is saying it right - a cache problem. Can you please tell me how to tell browser not to cache the login page. Can I clear the cache from the code in servlet.
01 Apr 2012
TheV
Yes I had invalidated the session after logout.. But I think Praveen Kumar is saying it right - a cache problem. Can you please tell me how to tell browser not to cache the login page. Can I clear the cache from the code in servlet.
Just give the option no-cache from teh server side...
greatcoder

greatcoder

Branch Unspecified
01 Apr 2012
Hi,
I think what you can do is:

1) Clear the Cache using the no-cache option.
2) For logout, destroy the session using session.invalidate() and for login page also u can use response.sendRedirect() method to redirect the user back to the login page once he clicks the back button.

Regards
GC
TheV

TheV

Branch Unspecified
01 Apr 2012
Thank you .... !! I will try and let you people know..!
Anoop Kumar

Anoop Kumar

Branch Unspecified
01 Apr 2012
If you already invalidated the session and pressing back button lands you on the previous page that mean you are not checking the session valididy on each page/request.
you should check session at each page/request and if not found redirect request to login page.
TheV

TheV

Branch Unspecified
03 Apr 2012
Thank you everyone.. I got some success in the concern. but ianoop even I validated the session check on each page and using redirection to the Login page.It is not redirected and showing me invalid index error.
Giving the code down.

<%!
String username;
%>
<%
username = (String)session.getAttribute("username");
if(username == null ){
System.out.println("inside");
response.sendRedirect("Login.html");
}
Connection con = ConnectDB.createConn();
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery("Select name,adminship from account where user_name ='"+ username +"'");
rs.next();
%>

here System.out.println("inside"); get printed(after pressing back button) but then also it is not redirected to the login.html page..(clear cache and all code are written in the page)
Help me out please..
Anoop Kumar

Anoop Kumar

Branch Unspecified
03 Apr 2012
I never seen invalid index error on jsp.
i found about this only on this page .
Rest you are doing wrong is username = (String)session.getAttribute("username");
here if session is null then it will not able to cast it to String.
you should do like this ie: ternary operation

username = session.getAttribute("username") !=null ? session.getAttribute("username") :"";
after it check whether username is valid or not.
While developing jsp's , In case you stuck somewhere first clean the history of browser and delete work directory of server. and try to re-deploy.
I hope it will work.
03 Apr 2012
See guys, this is a PHP snippet, doing the same thing of no cache and requesting page fresh. Try to convert it to JSP:
<?php
  header
("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
  
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
?>
TheV

TheV

Branch Unspecified
03 Apr 2012
Problem solved .. 😀 Thankyou everyone.. What I did is I make one jsp page which is called after logout. From this jsp page I did nothing but redirect to Login.html page. Now if the user press back button the jsp page is reload as I cleared the cache and history stuff from the page. In this jsp page I check for authentication, if not authenticated it redirect to Login page. No need of checking the authentication in each and every page.
My application running fine but can it create any further problem which is I'm not aware of . If yes please let me know.

Share this content on your social channels -

Only logged in users can reply.