tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Patrick Janssen" <patr...@janssen.name>
Subject How to logout
Date Wed, 10 Dec 2003 05:34:37 GMT
Hi all,

I have a webapp (Tomcat 4.1.24) that has a set of jsp's in a protected
directoy. The user login is using form based authentication with a
memoryRealm. This is all working fine.

I am now trying to create a logout button. I have checked the archives and
found a number of threads on this issue. The advise seems  to be:

* invalidate the session using session.invalidate();
* send an error code using response.sendError(response.SC_UNAUTHORIZED,
'Logged out');
* make usre that the page is not cached using:
  <meta http-equiv="Pragma" content="no-cache">
  <meta http-equiv="Expires" content="0">

I have tried all of these and it still does not seem to work. After clicking
the logout button, I can still view the pages in the protected directory. My
button looks like this:

<input type="submit" name="id0" value="Logout"
onclick="session.invalidate();response.sendError(response.SC_UNAUTHORIZED,
'Logged out');" >

Thanks for any help that you can give me...

Patrick


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message