On 12-Oct-2009, at 11:24, Josh Gooding wrote:
Well upon clicking "logout" the following occurs:
session.removeAttribute("User");
session.invalidate();
response.sendRedirect("EULA.jsp");
If I close the browser window, and reopen it without clicking the
logout
button, I can still get back into my active session. How would I
invalidate
the session upon closing the browser window?
What browser are you using, and how are you reopening the window? If
you exit
your browser the session should be invalidated, though:
- Firefox maintains its state if you make it remember the open tabs/
windows
- IE will open a separate application instance only if it is
launched via
the desktop icon. Selecting 'New Window' form the file menu will
simply
create a new window in the same instance.
André
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
