oops meant to send this to the list as well.
-- Forwarded message --
From: David Johnson [EMAIL PROTECTED]
Date: Tue, 8 Mar 2005 09:15:52 -0500
Subject: Re: session.invaludate(); not working in LogoffAction
To: Max Cooper [EMAIL PROTECTED]
Well, it's interesting actually. What
hi all
have a logoff action, and inside it I do the following.
// Clean up the session if there is one
HttpSession session = request.getSession();
session.invalidate();
When I watch what's happening in the manager application (I'm using
Tomcat) the number of sessions does not decrease, and I
I think that you shouldn't just check for the existence of a Session,
you should check for a user Session attribute that you have set in
your own code. If you are invalidating the Session and this attribute
still exists afterward, I'd suggest something has gone awry . . .
And yes, I do it in
-
Von: David Johnson [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 7. März 2005 22:44
An: Struts Users Mailing List
Betreff: session.invaludate(); not working in LogoffAction
hi all
have a logoff action, and inside it I do the following.
// Clean up the session if there is one
-
Von: David Johnson [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 7. März 2005 22:44
An: Struts Users Mailing List
Betreff: session.invaludate(); not working in LogoffAction
hi all
have a logoff action, and inside it I do the following.
// Clean up the session if there is one
is unclear.
---
kr,
guenther
-Original Message-
From: Leon Rosenberg [mailto:[EMAIL PROTECTED]
Sent: Monday, March 07, 2005 10:52 PM
To: 'Struts Users Mailing List'
Subject: Re: session.invaludate(); not working in LogoffAction
Graig will blame for not using Filters
Users Mailing List'
Subject: RE: session.invaludate(); not working in LogoffAction
i prefer to write my own RequestProcessor which does all the checking and
handling in case of user not logged in.
and even more preferable is to implement J2EE security which was
suprisingly
simple (at least
Users Mailing List'
Subject: RE: session.invaludate(); not working in LogoffAction
i prefer to write my own RequestProcessor which does all the checking and
handling in case of user not logged in.
and even more preferable is to implement J2EE security which was
suprisingly
simple (at least
Are you using HTTP BASIC authentication? If you get a login dialog box,
as opposed to a login web page, you are probably using HTTP BASIC
authentication. If so, the browser remembers the login and automatically
sends it to the app with each request, which will log the user in again
if they revisit
9 matches
Mail list logo
