Implementación de cierre de sesión simple java

I've managed to create a secured web service which stores the hash of password with random salt

But now after the user has filled its correct username and password then he is redirected to index.html page.

and now my task is to create the same thing as you see here in stackoverflow in the left corner - I want the user to see his username and next to it to have an option for logout.

But as I have never done such thing can you recommend the steps I should follow and some tutorial - or whatever you think I should read

preguntado el 05 de mayo de 13 a las 18:05

in stackOverflow when you press logout they're directing you to another page - logout page, which handle the logout process -

3 Respuestas

What is the technology stack you are using ? JSP + Java ? JSF + Java ? Struts + Java ? or any-other ? Whatever you use. Most of the framework has a concept of session. When user hit the submit button post filling the form, store the "username" is session. On successful validation pull the "username" stored from session. http://www.javatpoint.com/cookies-in-session-tracking http://www.tutorialspoint.com/jsp/jsp_session_tracking.htm

contestado el 05 de mayo de 13 a las 18:05

I'm using jsp + java. tHANK YOU FOR THE TUTORIAL - Tania Marinova

También deberías pensar en maintaining-separation-of-concerns when dealing with JSPs. - pregunta

Now I decided that Iwant to use axis 2 web service. I suppose there will be no problem to implement your tutorials - Tania Marinova

Easiest way is to have link to page like

http://www.example.com/logout.jsp

Than in logout.jsp, you can logout user from DB (if you use that) and destroy SESSIONS and COOKIES. After that, you do redirect to index page of web. Doing redirect to last page is not always possible, because user coul have been in some logged only part of the web. Good thing is also to check if user is logged before doing real logout, but all of this stuff is in logout.jsp. There is no need to doing it more complicated, than it is :-)

contestado el 05 de mayo de 13 a las 19:05

As you are using JSP you should be using HttpSession. So you only have to call invalidate method when you access the logout page (in this case, logout.jsp):

<% session.invalidate(); %>
<% response.sendRedirect("index.jsp"); %>

If you are using a servlet, you can process this there.

If you want to know more about JSP/servlet development I recommend you este series of videos, if you have little experience they are very easy to follow.

contestado el 05 de mayo de 13 a las 19:05

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.