Hello pramod,
Try session:invalidate().
-----Original Message-----
From: pramod [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 22, 2001 6:30 AM
To: [EMAIL PROTECTED]
Subject: Re: SV: Tell me abt Session
hi Matthias,
Thanks for ur kind information.
Now i can safely pass param used for authentication.Thanks.
But i am facing another problem.In my second servlet there is a logout
button and i want to use it for deleting that particular session through
which the authentication happens. The problem is eventhough the users
logout , using bookmarks or the actual URL others can easily go to the
second servlet. I mean whenever user logs out i want to delete that
particular session .....using its session id or by anyother function .
Is there any function to kill or erase sessions. Evenafter going through
the Servlet API docs i couldn't find out one.
My logic is ---Whenever user calls second servlet from first servlet ,
it will pass sessinID through URL and userid and password as session
variables. And in second servlet i will receive the session id from URL
and check whether that particular session exists or not. (This method is
usefull to deny the access when people use BookMarks. ) And while
logging out from the second servlet i will kill that particular session
using the session id.
Is it possible . and what are the available functions .
Thanks
by pramod
Matthias Carlsson wrote:
> In your first servlet, where you gather the user information, the
following
> code
> could be used (in your doGet()- or doPost()-method).
>
> HttpSession session = request.getSession(true);
> session.setAttribute("userid", new Integer(userID));
> session.setAttribute("password", password);
>
> getSession(true) indicates that a session for the user should be created
if
> it
> doesn't exist; the following two lines add the user information to the
> session
> object. 'userID' is an int with the user's id, and 'password' (String)
> his/her password.
>
> Now, in your second servlet, do something like this to get the data.
>
> HttpSession session = request.getSession(true);
> int userID = ((Integer)session.getAttribute("userid")).intValue();
> int password = (String)session.getAttribute("password");
>
> For more information, just read the Servlet API documentation.
>
> [ Matthias Carlsson ]
> [ Programmer (Java, XML/XSL, CGI/Perl, HTML/JS) ] [ Web Designer ]
> [ E-Mail : [EMAIL PROTECTED] ] [ ICQ: 1430647 ]
>
>> -----Ursprungligt meddelande-----
>> Fran: A mailing list for discussion about Sun Microsystem's Java Servlet
>> API Technology. [mailto:[EMAIL PROTECTED]]For pramod
>> Skickat: den 20 januari 2001 07:08
>> Till: [EMAIL PROTECTED]
>> Amne: Tell me abt Session
>>
>>
>> hi
>>
>> i am calling a servlet form antthor servlet. Actully from the calling
>> servlet i am passing param to the second servlet. Here the first servlet
>> is used for Authentication and i am passing the userid and password to
>> the second servlet. But i think this is not a good practice to pass this
>> kind of parm through URL eventhough we uses encription technics. Can any
>> body explain how can i use Session to pass variables between servlets.
>> What are the issues while using Session mechanism.
>>
>> Thanks in adv.
>>
>> by
>> pramod
>>
>>
>> _________________________________________________________
>> Do You Yahoo!?
>> Get your free @yahoo.com address at http://mail.yahoo.com
>>
>> __________________________________________________________________
>> _________
>> To unsubscribe, send email to [EMAIL PROTECTED] and include
>> in the body
>> of the message "signoff SERVLET-INTEREST".
>>
>> Archives: http://archives.java.sun.com/archives/servlet-interest.html
>> Resources: http://java.sun.com/products/servlet/external-resources.html
>> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
>
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
The information in this electronic mail ("e-mail") message may
be confidential and for use of only the named recipient. The
information may be protected by privilege, work product immunity
or other applicable law. If you are not the intended recipient
the retention, dissemination, distribution or copying of this
e-mail message is strictly prohibited. If you receive this e-mail
message in error please notify us immediately by telephone
at 770-723-1011 or [EMAIL PROTECTED] Thank you.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
