My JSPs create a User bean with a lifespan of session (if not already
created). This bean has a processRequest() method so that when the page is
displayed, the bean can check for cookies with identifying info, which is
then checked against our database.
Next, I wrote a logoff servlet which was, I thought, going to be trivial. I
would just send back in the response the cookies with invalid values and set
the maxAge(0). But, it seems that this does not work for me. When I come
back in, the User bean still recognizes and retrieves the correct values
from the cookies and assumes the user is still logged on.
I then changed the logout servlet to also call session.invalidate(),
thinking there might be more context than I thought remaining with the JSPs.
But that also did not work.
Is there a trick to deleting cookies that I'm simply unaware of?
Thanks,
David
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff JSP-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
