1

I have created a LoginQuery Class that will check the login email and password from SQL database. It will return status as true if the parameter matches. And if status == true, I have forward user to "home.jsp" page. But the problem is that if user click back button in browser then again login page is seen. How to avoid login page after user has entered home page? I tried using session.invalidate(); but did not workout.

    // set up an LoginQuery Object
    LoginQuery lq = new LoginQuery();
    boolean status = lq.checkLogin(userModel);

    // use the status
    if (status == true) {
        HttpSession session=request.getSession();
        session.setAttribute("username",email);
        String url = "/home.jsp";   
        RequestDispatcher dispatcher = request.getRequestDispatcher(url);
        dispatcher.forward(request, response);
    } else {
        String Error = "Please check your Email and Password";
        request.setAttribute("Error", Error);
        RequestDispatcher rd = request.getRequestDispatcher("welcome.jsp");
        rd.include(request, response);
    }

1 Answers1

0

Use a redirect instead of forwarding to home.jsp

Bob
  • 780
  • 9
  • 10
  • there is only forward code. How to use redirect? Can you please show in this scenario? –  Oct 28 '15 at 01:14
  • http://stackoverflow.com/questions/20371220/what-is-the-difference-between-response-sendredirect-and-request-getrequestdi . This discusses a response.sendRedirect(). – Bob Oct 28 '15 at 01:19
  • I used => String url = "home.jsp"; response.sendRedirect(url); But still if I hit back button arrow in browser, I am getting login page. How can I fix it? –  Oct 28 '15 at 01:32
  • Have the login page check to see if they are logged in already and redirect. – Bob Oct 28 '15 at 01:36
  • can you show me full code where and how can i implement that? –  Oct 28 '15 at 01:41
  • // set up an LoginQuery Object LoginQuery lq = new LoginQuery(); boolean status = lq.checkLogin(userModel); // use the status if (status == true) { HttpSession session=request.getSession(); session.setAttribute("username",email); response.sendRedirect("home.jsp"); } else { String Error = "Please check your Email and Password"; request.setAttribute("Error", Error); } But it is not working. –  Oct 28 '15 at 01:47
  • Can you give steps to reproduce the problem? – Bob Oct 28 '15 at 03:27