单击注销按钮,终止会话并重定向到登录页面 [英] Kill session and redirect to login page on click of logout button

查看:92
本文介绍了单击注销按钮,终止会话并重定向到登录页面的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在JSP中有以下代码:

I have the following code in JSP:

当用户点击退出按钮时,我想将他重定向到登录页面并杀死本届会议。我已成功完成重定向部分,但我不知道如何终止会话。怎么可以这样做?

When the user clicks on the log out button, I want to redirect him to the log-in page and kill the current session. I have succeeded in the redirection part but I do not know how to kill the session. How can this be done please?

推荐答案

为了杀死当前会话,你基本上需要调用 HttpSession #invalidate() 并执行重定向到登录页面或主页面。此代码应放在 servlet的 doPost()方法中由POST请求调用。

In order to kill the current session, you basically need to call HttpSession#invalidate() and perform a redirect to the login or main page. This code is supposed to be placed in doPost() method of a servlet which is invoked by a POST request.

例如

<form action="${pageContext.request.contextPath}/logout" method="post">
    <input type="submit" value="Logout" />
</form>

with

@WebServlet("/logout")
public class LogoutServlet extends HttpServlet {

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        request.getSession().invalidate();
        response.sendRedirect(request.getContextPath() + "/LoginPage.html");
    }

}






无关到具体问题,您的用户名检查代码不在正确的位置。您不应该在每个JSP页面上复制相同的代码。您应该在 servlet过滤器中的单个位置执行此作业。 JSP文件中的Java代码应尽可能避免


Unrelated to the concrete problem, your username checking code is not at the right place. You shouldn't be copypasting the same code over every single JSP page. You should be performing this job in a single place in a servlet filter. Java code in JSP files should be avoided as much as possible.

此外,当最终用户使用浏览器的后退按钮导航回历史记录时,还有另一个潜在的问题。默认情况下,浏览器将缓存所有响应,因此后退按钮可能会显示浏览器缓存中的页面,而不是从服务器请求全新的响应。为了解决这个问题,请参阅此相关问题防止用户在注销后看到以前访问过的受保护页面

Further, there's another potential problem when the enduser uses the browser's back button to navigate back in history. By default, the browser will cache all responses and thus the back button might display the page from the browser cache instead of requesting a brand new straight from the server. In order to fix this, see this related question Prevent user from seeing previously visited secured page after logout

最后但并非最不重要的是,你有一些非常奇怪的HTML。使用 onClick 进行导航的按钮?用户和SEO如何不友好。请改用普通的< a> 链接。对于按钮look'n'feel,扔一些CSS。

Last but not least, you've there some quite strange HTML. Buttons with onClick to navigate? How user and SEO unfriendly. Use normal <a> links instead. For the button look'n'feel, throw in some CSS.

这篇关于单击注销按钮,终止会话并重定向到登录页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆