Along the same lines
In the Login.do You should have something like HttpSession session = httpServletRequest.getSession( true ); if ( session != null ) { session.setAttribute("loggedin", true); }
And in Logout.do
You should have something like
HttpSession session = httpServletRequest.getSession( false );
if ( session != null ) {
session.setAttribute("loggedin", false);
}The way I have done is, I have divided my action classes into two types. One for logged in users and other for not logged in users. In struts-config one of the attributs of the action class is "requiredlogin=yes" or "requiredlogin=no"
In the actionservlet, I check if the current action's "requiredlogin=yes"
if it is then check for the value session.getAttribute("loggedin"); If it is false, you redirect the page to a login.do else you would send it to correct action class.
Folks, please let me know if this a convoluted way of achieving this.
From: "Amleto Di Salle" <[EMAIL PROTECTED]>
Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]>
Subject: R: Back Browser Button After Logout and Reload so that continue working
Date: Thu, 24 Jun 2004 16:53:40 +0200
Hi, one possible solution is to invalidate the session inside the "LogoffAction".
HttpSession session = httpServletRequest.getSession( false ); if ( session != null ) { session.invalidate(); }
If you have already done and the problem remains, maybe you are using HttpServletRequest.getSession() method (or getSession(true)) inside the Actions (or "BaseAction" if you use a base class for your all actions, in order to validate the users).
BR /Amleto
-----Messaggio originale----- Da: Ricardo Andres Quintero [mailto:[EMAIL PROTECTED] Inviato: giovedì 24 giugno 2004 15.41 A: [EMAIL PROTECTED] Oggetto: Back Browser Button After Logout and Reload so that continue working
Hello my friends Followed i attach a message i found in the internet. I have found some conceptual solutions about this problem, but i DO need an example that works to solve it.
The conceptual solution talks about a token syncronizer. I don't know how to write it.
Thank you in advanced.
<%-- THE PROBLEM --%>
Hello,
I used Struts to develop a web app which has a login form to permit access to different functionnalities via a menu page. I use a session var I set at login to check if the user has not logged out. The problem that I have is, once I do the logoff, if I use the Back button of the browser to the menu page and do a refresh a new session gets created and I'm able to use the app. I have a filter to do the verification but I tried before doing it in each Action and I have the same problem. I don't access .jsp pages directly, I have an Action for each of them. I read some posts but none seems to talk about my specific problem.
It sounds like a begginer caveat but I have no idea what should I do or what am I doing wrong. Any help appreciated,
Cezar
<%-- END OF THE PROBLEM --%>
-- Ricardo Andrés Quintero R. Ubiquando Ltda.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
