我正在尝试注销用户并通过让用户单击指向未映射到servlet的jsp的链接来销毁会话。
在我的logout.jsp中,我有以下内容(自发布后编辑添加删除但仍未清除会话)
<%
session.removeAttribute("loggedin");
session.removeAttribute("loggedUsrID");
session.removeAttribute("loggedUsrFName");
session.invalidate();
response.sendRedirect(request.getContextPath());
%>
点击后我被重定向到index.jsp,但是当我关闭浏览器然后再次在netbeans中启动应用程序并点击链接时,我在地址栏中看到以下内容
http://localhost:8084/myapp/register.jsp;jsessionid=0002B8466FB3CC578C56E61017E9FD3C
为了完整性,我将包括用户控制器的一部分,该部分登录用户并设置会话以防我在那里做错了
//Handle User Login
private String logInToSite(HttpServletRequest request,
HttpServletResponse response) {
String url;
String message;
// get values from form
String pNum = request.getParameter("phoneNumber");
String upwd = request.getParameter("password");
//validate the values to check for empty values in case JS registration check has failed.
if(pNum.length()==0 ||upwd.length()==0){
message="You have not filled out the required fields.";
request.setAttribute("message", message);
url = "/login.jsp";
return url;
}
//Format the phone number
String mPNum=UserDB.formatPhoneNumber(pNum);
User user = UserDB.loginUser(mPNum, upwd);
if(user==null){
message="User null";
request.setAttribute("message", message);
url = "/loginerror.jsp";
}else{
String hpwd = user.getPwd();
if(BCrypt.checkpw(upwd, hpwd)==false){
message="password didn't match";
request.setAttribute("message", message);
url="/loginerror.jsp";
}
else{
boolean logged=false;
HttpSession session = request.getSession();
session.setAttribute("loggedUsrID", user.getUserID());
session.setAttribute("loggedUsrFName", user.getFName());
session.setAttribute("loggedin",logged=true);
url="/schedule/welcome.jsp";
}
}
return url;
}
答案 0 :(得分:0)
我正在为我的项目执行类似的注销jsp。我的JSP的整个内容只有这个:
<%
session.invalidate();
response.sendRedirect(request.getContextPath());
%>
确保您未在logout.jsp