Hi,
I am using a servlet to logout. This servlet can be called as a href
link or from any form as an action.
In the doPost() method or doGet() method of the servlet,
check if the session variable is not null and call invalidate method on
the session.
If (request.getSession() != null)
session.invalidate();
//show any text or dispatch request to a view jsp.
Hope this helps
-Mandar
-----Original Message-----
From: Patrick Janssen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 10, 2003 12:35 AM
To: Tomcat Users List
Subject: How to logout
Hi all,
I have a webapp (Tomcat 4.1.24) that has a set of jsp's in a protected
directoy. The user login is using form based authentication with a
memoryRealm. This is all working fine.
I am now trying to create a logout button. I have checked the archives
and found a number of threads on this issue. The advise seems to be:
* invalidate the session using session.invalidate();
* send an error code using response.sendError(response.SC_UNAUTHORIZED,
'Logged out');
* make usre that the page is not cached using:
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Expires" content="0">
I have tried all of these and it still does not seem to work. After
clicking the logout button, I can still view the pages in the protected
directory. My button looks like this:
<input type="submit" name="id0" value="Logout"
onclick="session.invalidate();response.sendError(response.SC_UNAUTHORIZE
D,
'Logged out');" >
Thanks for any help that you can give me...
Patrick
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
