Java Forum

Ask Question   UnAnswered
Home » Forum » Java       RSS Feeds

Using session attribute in tomcat

  Asked By: Seth    Date: Jan 09    Category: Java    Views: 902

I have the following problem in my web application.
I hold userId and roleId as two session attributes when user login,
and in each page write userId as active user and check roleId for some
work. when user logout, I set these attribute with null.

When two or more users login concurrently or not, in some machines,
that's work well but at one of them (windows server 2003), attribute
value changed.

For example, user X login and after viewing some pages logout and then
another user Y login. when user Y want to view pages, in some of them
user X is wrote as active user whereas user X has logged out. I don't
know why, specially when I see this work well in another machines.



2 Answers Found

Answer #1    Answered By: Dirck Jansen     Answered On: Jan 09

after user  logged out from the system, you have to invalidate the user's session. as you know each user has his/her own session, then invalidating a session  does not  affect others session.
if you are using JSF you have to write  line of code in your backing bean as follow:

((HttpSession) FacesContext.getCurrentInstance().getExternalContent().getSession(true)).invalidate();

if you are using Struts or Common Java Servlet you can do it by Code as follow on your action/doget/dopost method:

i hope this email can solve your problem

Answer #2    Answered By: Calais Bernard     Answered On: Jan 09

I had invalidated session  before, but my problem  didn't solve.
After little search, I found to add the following lines to my pages
and my problem clear.

response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the
proxy server

Didn't find what you were looking for? Find more on Using session attribute in tomcat Or get search suggestion and latest updates.