Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

How to invalidate JSP session using session ID

843840Apr 3 2008 — edited Apr 6 2008

Hello,

I have a system consisting of three different departments, each department has its own login page with different username and password.

from the same browser, all three administrators can log in successfully, during there login, one session is created with different attributes for each of them, if any one administrator logs out, I invalidate the session, which logs out the other two administrators.

Can I use session Id to log out on administrator while the other two can stay logs in?

If I am using the wrong approach all together, can anyone suggest an alternative please?

here is my code to create session:
// if correct username and password entered then create session
String financeAdminSess = adminUsername;
session.setAttribute("financeAdminSess", adminUsername);
String redirectURL = "finance_admin_home.jsp";
response.sendRedirect(redirectURL);

and here is the code for loggin out:
// get session
String financeAdminSess=(String) session.getAttribute("financeAdminSess");
// remove session
session.removeAttribute("financeAdminSess");
// invalidate session
session.invalidate();

How can I invalidate this session without affecting the other sessions create in the same ways as the above?

Any suggestion would be much appreciated.

Thanks
Shaxo

Locked Post

New comments cannot be posted to this locked post.

Locked on May 4 2008

Added on Apr 3 2008

#javaserver-pages-jsp-and-jstl

1 comment

2,495 views