Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

JSP session.invalidate() vs request.logout()

Tags:

jsp

session

tomcat

logout

invalidation

I have a SignOut button on my jsp page. (Tomcat 8.0.15)

session.invalidate()

or

request.logout()

which one is better for signing-out/terminating the session, what is the main difference? Should I use both?

like image 352
CodeGust Avatar asked Oct 25 '25 01:10

CodeGust

1 Answers

  • logout() clears the identity information in the request but doesn't affect the session
  • invalidate() invalidates the session but doesn't affect the identity information in the request.

I think you should use both.

like image 107
user207421 Avatar answered Oct 27 '25 02:10

user207421
Sign in to Comment

Related questions

Avoid Spring MVC form resubmission when refreshing the page

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!