https://wiki.owasp.org/index.php?action=history&feed=atom&title=Logout
Logout - Revision history
2026-04-21T12:31:10Z
Revision history for this page on the wiki
MediaWiki 1.27.2
https://wiki.owasp.org/index.php?title=Logout&diff=235252&oldid=prev
Imifos: Moved page into the right category. See Java space page for me details. Content has not been reviewed in this edit.
2017-11-10T11:48:00Z
<p>Moved page into the right category. See Java space page for me details. Content has not been reviewed in this edit.</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 11:48, 10 November 2017</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l75" >Line 75:</td>
<td colspan="2" class="diff-lineno">Line 75:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></pre></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></pre></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>[[Category:<del class="diffchange diffchange-inline">OWASP </del>Java <del class="diffchange diffchange-inline">Project</del>]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Java]]</div></td></tr>
</table>
Imifos
https://wiki.owasp.org/index.php?title=Logout&diff=122989&oldid=prev
Dominique RIGHETTO: Title revision
2012-01-20T22:25:34Z
<p>Title revision</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 22:25, 20 January 2012</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l5" >Line 5:</td>
<td colspan="2" class="diff-lineno">Line 5:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Session logout have to objective to cancel conversation established between the browser and the web server. We means here, by conversation, several browser request and response that has been linked between them.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Session logout have to objective to cancel conversation established between the browser and the web server. We means here, by conversation, several browser request and response that has been linked between them.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>==Steps of <del class="diffchange diffchange-inline">the </del>session logout process==</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>==Steps of session logout process==</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Logout is composed by 2 steps:</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Logout is composed by 2 steps:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div># Invalidate user session (indicate to web server that the session is not used anymore).</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div># Invalidate user session (indicate to web server that the session is not used anymore).</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div># Cancel cookie send by the web server to track user session (and also all cookies sent by web application, this, in order to have a global clean state).</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div># Cancel cookie send by the web server to track user session (and also all cookies sent by web application, this, in order to have a global clean state).</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>==Code sample of <del class="diffchange diffchange-inline">the </del>session logout process==</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>==Code sample of session logout process==</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><pre></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><pre></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>package org.owasp.javaproject.logout;</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>package org.owasp.javaproject.logout;</div></td></tr>
</table>
Dominique RIGHETTO
https://wiki.owasp.org/index.php?title=Logout&diff=122987&oldid=prev
Dominique RIGHETTO: Page creation
2012-01-20T22:18:43Z
<p>Page creation</p>
<p><b>New page</b></p><div>==Status==<br />
Released on (mm/dd/yyyy) : 01/20/2012<br />
<br />
==Objective of session logout process==<br />
Session logout have to objective to cancel conversation established between the browser and the web server. We means here, by conversation, several browser request and response that has been linked between them.<br />
<br />
==Steps of the session logout process==<br />
Logout is composed by 2 steps:<br />
# Invalidate user session (indicate to web server that the session is not used anymore).<br />
# Cancel cookie send by the web server to track user session (and also all cookies sent by web application, this, in order to have a global clean state).<br />
<br />
==Code sample of the session logout process==<br />
<pre><br />
package org.owasp.javaproject.logout;<br />
<br />
import java.io.IOException;<br />
import javax.servlet.ServletException;<br />
import javax.servlet.annotation.WebServlet;<br />
import javax.servlet.http.Cookie;<br />
import javax.servlet.http.HttpServlet;<br />
import javax.servlet.http.HttpServletRequest;<br />
import javax.servlet.http.HttpServletResponse;<br />
import javax.servlet.http.HttpSession;<br />
<br />
/**<br />
* Code sample showing how to perform a complete logout<br />
*/<br />
@SuppressWarnings("serial")<br />
@WebServlet("/Logout")<br />
public class LogoutCodeSample extends HttpServlet {<br />
<br />
/**<br />
* {@inheritDoc}<br />
* <br />
* @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest,<br />
* javax.servlet.http.HttpServletResponse)<br />
*/<br />
@Override<br />
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {<br />
doGet(request, response);<br />
}<br />
<br />
/**<br />
* {@inheritDoc}<br />
* <br />
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse<br />
* response)<br />
*/<br />
@Override<br />
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {<br />
/*<br />
* First step : Invalidate user session<br />
*/<br />
HttpSession session = request.getSession(false);<br />
if (session != null) {<br />
session.invalidate();<br />
}<br />
<br />
/*<br />
* Second step : Invalidate all cookies by, for each cookie received,<br />
* overwriting value and instructing browser to deletes it<br />
*/<br />
Cookie[] cookies = request.getCookies();<br />
if (cookies != null && cookies.length > 0) {<br />
for (Cookie cookie : cookies) {<br />
cookie.setValue("-");<br />
cookie.setMaxAge(0);<br />
response.addCookie(cookie);<br />
}<br />
}<br />
<br />
}<br />
<br />
}<br />
</pre><br />
<br />
[[Category:OWASP Java Project]]</div>
Dominique RIGHETTO