public class logout extends HttpServlet {
	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            process(request,response);
    }
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            process(request,response);
    }
    public void process(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		HttpSession session = request.getSession();
		session.invalidate();
		response.sendRedirect("index.jsp");
	}
}

session is still alive!!!

no. But when you go to that JSP you immediately create a new session :)

can you give an example?

well u could logout by using these methods
1) using the session.invalidate();
2) restricting the user from using the login details (when using the back button) by refreshing the page.
3) Using the sessionAccessTime.........

The first method does get you out of the session ............
provided you have used the session='true' [for jsp pages]
or HttpSession s=request.getSession(true) [in servlet this code works in the jsp in <% %>tag]
in the first page and using false in the rest of the pages as it wont create the new sessions..................

but this method is ineffective as the browser has a back button.................

if you want to know more about doing a proper logout you can write to me

well u could logout by using these methods
1) using the session.invalidate();
2) restricting the user from using the login details (when using the back button) by refreshing the page.
3) Using the sessionAccessTime.........

The first method does get you out of the session ............
provided you have used the session='true' [for jsp pages]
or HttpSession s=request.getSession(true) [in servlet this code works in the jsp in <% %>tag]
in the first page and using false in the rest of the pages as it wont create the new sessions..................

but this method is ineffective as the browser has a back button.................

if you want to know more about doing a proper logout you can write to me

I had read what you have discussed here. I am facing same problem what you had. If any suggestion or help that will be appreciated.

I had read what you have discussed here. I am facing same problem what you had. If any suggestion or help that will be appreciated.

is to session.setAttribute(null,"sessionname");
commented: Nice to see you come back and reply to old thread +19

session.invalidate(); will do the job.....we should have conditions to check if the session-attributes are present in every page except the login page....


or session.removeAttribute(); will also do the job...if you remove all the attributes...:)

you dont know anything where is the code?
next be more clear.

it was posted i think in May 2008.

you dont know anything where is the code?
next be more clear.

Next time please make sure that you do not reopen old thread when you do not have anything valid to say.

good solution u have given

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.