by calling "pragma,no-cache" , you can't prevent one from invoking the
servlet.
the best way is check if there is session exists in the beginning of every
servelet.
HttpSession sess = req.getSession(false);
if ( sess = = null )
{
res.sendRedirect("path to login page");
}
else
{
execute your main code
}
each browser has only one session.
no need to call the session by name.
otherwise try the following tags.
<META HTTP-EQUIV=Expires CONTENT="Sun, 22 Mar 1998 16:18:35 GMT">
or for redirecting
<META HTTP-EQUIV=Refresh CONTENT="0; URL=path">
the above tag immediately redirect the page if the page is html or shtml.
thanx
zulfi
----- Original Message -----
From: Krishnan Srinivasan <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, April 27, 2000 1:14 AM
Subject: Urgent... ref:SESSION
> Hi everyone,
> I wanted to know how to invalidate the session so that even if the user
> clicks the back button of the browser AFTER he LOGS OFF and clicks on
some
> buttons that call some servlets I should display
> "PLEASE LOGIN AGAIN" How do I do this. This is similar to hotmail website
> where after you logout you can't check your mails or click on the inbox
> because it will prompt you with the LOGIN PAGE !
>
> This is what I did in my logout
>
> HttpSession session = getSession(true)
> session.invalidate();
>
> Now the session I created when the user logs in was named usersession.
> Do I have to say usersession.invalidate ? I thought every browser is
> associated with only that session. Or do I have to specifiy the session
name
> to invalidate ? Because if I have 2 or more sessions ...the
getSession(true)
> will return which one?
>
> resp.sendRedirect("/servlet/login");
>
> But Still i can run some servlets if I click on the back button
> Why is that so ?The session still has the userid Should I call the
> pragma no-cache in all servlets ? in resp.setHeader ?
>
> Thanks
> Krishnan
>
>
>
>
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
