Destroy Cookie while Logging out.
By
·
·
Code Snippet
Likes
(2)
Likes
There are no likes...yet! 👀
Be the first to like this post!
It looks like you're not logged in.
Sign in to see who liked this post!
Comment
Save
40.5K Views
Join the DZone community and get the full member experience.
Join For FreeI was facing a problem where while a person logs out his session is invalidated but the JSESSIONID still remained in the browser. As a result while logging in the Java API used to get the request from the browser along with a JSESSIONID(Just the ID since the session was invalidated) and would create the new session with the same ID. To fix this problem I used the above code so that whenever a user logs out the entire JSESSIONID becomes empty and thus cookie wont exist for that site.Anyone using JAVA can utilize this in their code.
@RequestMapping(value = "/logout", method = RequestMethod.POST)
public void logout(HttpServletRequest request,
HttpServletResponse response) {
/* Getting session and then invalidating it */
HttpSession session = request.getSession(false);
if (request.isRequestedSessionIdValid() && session != null) {
session.invalidate();
}
handleLogOutResponse(response);
}
/**
* This method would edit the cookie information and make JSESSIONID empty
* while responding to logout. This would further help in order to. This would help
* to avoid same cookie ID each time a person logs in
* @param response
*/
private void handleLogOutResponse(HttpServletResponse response) {
Cookie[] cookies = request.getCookies();
for (Cookie cookie : cookies) {
cookie.setMaxAge(0);
cookie.setValue(null);
cookie.setPath("/");
response.addCookie(cookie);
}
}
Session (web analytics)
Java (programming language)
Facing (retail)
API
Requests
Opinions expressed by DZone contributors are their own.
Comments