View Full Version : session invalidate in logout

04-23-2008, 07:19 PM
Hi ,
I am having a logout link when clicked it redirects to the login.jsp page.
I have to invalidate the session when the logout link is clicked. (I cannot have a logout.jsp page to invalidate the session there).

How can I invalidate the session.
If I want to do it in the bean how would I be able to do that ??
Please provide the code for invalidating the session (any way except for using the logout as a different jsp page), so that if a user logs out , he would not be able to directly enter the jsp page.


05-07-2008, 11:31 PM
If you cannot have the user navigate through a logout servlet or JSP page (which would seem as the easiest way), what you can do is set a parameter on the login.jsp page at session scope:

<&#37; request.getSession().setAttribute("loggedIn", "no"); %>

and then set it to "yes" when the user successfully logs in. Then you should check on every page (maybe better using a filter on your web.xml) for the existance and correct value ("yes") of this parameter.