1. 技术文章
  2. After logout back/reload issue in Struts 2

After logout back/reload issue in Struts 2

情到浓时终转凉″ 提交于 2019-12-23 02:38:30

问题


I have a login page (Index.jsp) , here user put user id and password. on submit LoginAuthentification.java(action class) called and authenticate the user , but according to the result in action class it return the JSP. 

<action name="login" class="com.struts2.LoginAuthentication"
    method="execute">
    <interceptor-ref name="clear-cache" />
    <result name="manager">/ManagerView.jsp</result>
    <result name="SSE" type="redirectAction">
        <param name="actionName">viewPlan</param>
        <param name="userID">${userID}</param>
    </result>
    <result name="input">/Index.jsp</result>
    <result name="error">/error.jsp</result>
</action>

In this case, it is returning ManagerView.jsp. Now in this JSP, I added a hyperlink for logout. and it is doing below 

<action name="logout" class="com.struts2.LoginAuthentication"
    method="logout">
    <interceptor-ref name="clear-cache" />
    <result name="success">/Index.jsp</result>
    <result name="error">/error.jsp</result>
</action>

code from action class

public String logout() {  
    //if (session instanceof org.apache.struts2.dispatcher.SessionMap) {
    session.clear();
    //session.re
    System.out.println("test");
    session.remove("loggedInUser");
   ((org.apache.struts2.dispatcher.SessionMap) session).invalidate();

    //}  
    return "success";
}

after logout it is redirected to Index.jsp, now I clicked on back button It display "confirm form resubmission" message in chrome and webpage expired in IE. But when I reload the page it login the old user automatically. I have added 

<%                        
  response.setHeader("Cache-control", "no-cache, no-store");           
  response.setHeader("Expires", "0");
  response.setHeader("Vary", "*");
%>

in the JSP as well as in interceptor.

I am trying to block auto login on reload.


回答1:


The problem is that after logout you are not actually redirect to a new action. The cause of such behavior when you pressed the back button you got a conformation dialog in the browser. The back button is not used to call an action, unless it's not invoked via triggering it using Ajax. You should follow post-redirect-get pattern when doing request for logout.

<action name="logout" class="com.struts2.LoginAuthentication" method="logout">
    <interceptor-ref name="clear-cache" />
    <result name="success" type="redirect">/</result>
    <result name="error">/error.jsp</result>
</action>



回答2:


I resolved the issue by redirecting it to another action. and wrote another interceptor to validate if it is having user id in the session or not.

<default-interceptor-ref name="loginStack"></default-interceptor-ref>
<action name="login" class="com.struts2.LoginAuthentication"
            method="execute">
            <interceptor-ref name="defaultStack"/>
            <result name="manager" type="redirectAction">
            <param name="actionName">home</param>
            </result>
</action>
<action name="home" class="com.struts2.LoginAuthentication"
            method="home">
            <result name="success">/ManagerView.jsp</result>
            <result name="error">/error.jsp</result>
        </action>


来源:https://stackoverflow.com/questions/28663727/after-logout-back-reload-issue-in-struts-2

标签
jsp
struts2
logout
post-redirect-get
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!