At 03:13 PM 3/30/99 -0500, you wrote:
>Hi gang,
> I am writing a logout servlet. Basically when the user is done with
>processing he/she needs to be logged out. Any pitfalls i should avoid? Help
>is greatly appreciated..Thanks.
>
>Amar..
>
I wrote one of these and there really ins't much to it. I just called
HttpSession.invalidate() and redirected to our login screen. One thing I
did run into was that while invalidate() removed all the values attached to
the session it didn't seem to remove the session. In other words, after
calling invalidate() and receiving another GET/POST request from the same
client HttpSevletRequest.getSession(false) returned a session rather than
null. I experienced this under both servletrunner and Jserv. I had to
perform an additional check for a session value our login servlet adds to
insure the session was considered "logged in".
Regards,
Bob
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
