Invalidating session in servlet

I am working on an application where i maintain in a users session a value " Allow cookies that are stored on ur computer - enable and as u have said my application works perfect in IE5.0 any other option that need to be checked in IE5.5.actually that was the first thing i checked.

invalidating session in servlet-21

If the server tries to send a response then an exception will be thrown.

You can use Java Script to determine when the browser window is being closed and then meybe send a message to the backend ... Due to security reasons it is required that in case the user is currently sitting idle for too long (say 5 min's) then the application "should automatically log the user out" Secondly, i am also having problems destroying a session when the user clicks on the "logout" button.

A Session can be loosely defined as a connection (connection-less connection as HTTPServlets are HTTP centric) thus renewal or establishing a new session should invlove server and client ports to recommunicate and restablish a connection-less connection (TCP based).

Now when the old session is invalidated and a new one is REQUESTED, there could not be an immediate response where that is ...

:) Thanks Hi, u can add one char field in ur rdbms, where u can save the state of the user, like, if user logs in, save Y, if user logs off save N.

So that, instead of invalidating the session(as of methods r not available), u can check it thr' rdbms. to kulsmadya if you do as what you have said, the requirement of vi fails.

Then My servlet process the request, and forward it to the . No, the session will not be invalidated when you close the browser.

There is no way for the server to know when the browser closes.

You can use the on Unload event BUT it will trigger everytime the user changes pages.

I actually had a script working that ran them thru a logout servlet with the on Unload event (Javascript) but it turned out to be a major headache so I scrapped it & we ..its better if u could create another page (logout.jsp) and in there include this session.invalidate () to be more clear in ur jsp page have a button for logout and then when user cliks on it then he should be directed to this page which does this invalidation!!!

This way all the servlets and JSPs of the web app would have access to it.

Comments are closed.