I'm trying to do some checking on my pages that make sure that the user logged out and
all the attributes that were bounded to the session were destroyed (using
session.invalidate() in the logout page). However, I'm running into difficulties with
1 of my pages.
The check works fine on all the other pages except this one. I try to
response.sendRedirect() the page to the login page again, but it seems to ignore it
and I get errors that I can't forward after a response has been committed. And other
times it logs the user right back in as if nothing happened after the user logged
out...it's only with this one page.
here's the code. I'm not sure what could be wrong:
<%@ page session="true" %>
<%@ page contentType="text/html;charset=WINDOWS-1252" %>
<%@ page import = "java.util.*, java.sql.*, java.util.Vector.*" %>
<jsp:useBean id="pool" class="ConnectionPool" scope="application" />
<%
response.setHeader("pragma", "no-cache");
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Expires", "0");
Connection conn = null;
String asql = null;
Statement stmt = null;
ResultSet rs = null;
String aUserID = null;
String aPassword = null;
try
{
FB user = (FB) session.getAttribute("bean");
//*******************************************************************
// FormBean Exists
//*******************************************************************
if (user != null)
{
aUserID = user.getUSER_ID();
aPassword = user.getPASSWORD();
}
//*******************************************************************
// No session bean exists
//*******************************************************************
else
{
response.sendRedirect("../html/ReLogin.html");
}
//************************************************************
// INITIALIZE THE POOL
//************************************************************
if (pool.getDriver() == null)
{
pool.init();
pool.initializePool();
}
boolean aloginflag = false;
conn = pool.getConnection();
stmt = conn.createStatement();
asql = getSqlStatement();
System.out.println(asql);
String accesscode = null;
rs = stmt.executeQuery(asql);
while (rs.next())
{
aloginflag = true;
System.out.println("Login successful!");
accesscode = rs.getString("ACCESS_CODE");
user.setACCESSCODE(accesscode);
System.out.println(accesscode);
} // end while
if(aloginflag)
{}
else
{
%>
<jsp:forward page="../html/LoginError.html"></jsp:forward>
<%
}
if (accesscode.equalsIgnoreCase("B"))
{
%>
<jsp:forward page="daily.jsp"></jsp:forward>
<%
} // end if
else if (accesscode.equalsIgnoreCase("C"))
{
%>
<jsp:forward page="report2.jsp"></jsp:forward>
<%
} // end else if
else if (accesscode.equalsIgnoreCase("G"))
{
%>
<jsp:forward page="report.jsp"></jsp:forward>
<%
} // end else if
else if (accesscode.equalsIgnoreCase("U"))
{
%>
<jsp:forward page="news.jsp"></jsp:forward>
<%
} // end else if
else
{
System.out.println("No account found in the database!");
response.sendRedirect("../html/LoginError.html");
} // end else
}
catch(SQLException e)
{
// Login SQL Error!
response.sendRedirect("../html/LoginError.html");
}
catch(ClassNotFoundException e)
{
// Classname Error!
response.sendRedirect("../html/DBConnError.html");
}
finally
{
try
{
if (stmt != null) stmt.close();
if (rs != null) rs.close();
if (conn != null ) pool.releaseConnection(conn);
}
catch (Exception sqlex)
{
response.sendRedirect("../html/LoginError.html");
}
}
%>
I find that it totally disregards the lines after the TRY statement and even after I
log out I can still see that when I hit the back button it process the sql query and
doesn't redirect. I tried to change the else (after the aloginflag) to a
response.sendRedirect() and the page breaks...
What am I doing wrong?
Thanks,
Lior
---------------------------------
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos, & more
faith.yahoo.com
