You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by "Ganesan, Prasanna" <Pr...@adc.com> on 2004/06/03 13:04:11 UTC

session persistence

Hi,
I am using Tomcat 4.1.30. I have the following code in logout.jsp

response.setHeader("Cache-Control","no-cache, post-check=0, pre-check=0");
    response.setHeader("Expires", "Thu, 01 Dec 1994 16:00:00 GMT");
    response.setHeader("Pragma", "No-cache");
    response.setHeader("Window-target","_parent");
    response.addHeader("Cache-control", "no-store"); // tell proxy not to cache
    response.addHeader("Cache-control", "max-age=0"); // stale right away
    response.setDateHeader("Expires", -1);  // Prevents caching at the proxy server
    //session = request.getSession(false);
    if(null != session){
         request.getSession().removeValue("user");
         request.getSession().removeValue("pass");
         //session.invalidate();
    }

After this page opens and I hit backbutton and navigate through the pages, i still have the session values of user and pass available. I set the session values using sesssion.putValue() method. I tried setAttribute() method also but dosent seem to work. Could anyone pleease let me know what iam missing. I also tried session.setValue("user",""); but didnt help the cause.

Thanks,
Prasanna


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org