When a user has an associated HttpSession object and then want to log out

Question

0

Asked: June 2, 20262026-06-02T02:24:55+00:00 2026-06-02T02:24:55+00:00

When a user has an associated HttpSession object and then want to log out

0

When a user has an associated HttpSession object and then want to “log out” of the application you would invalidate that HttpSession which in turn would remove it from the map that the ServletContext keep of all sessions. But this only removes it on the server side, what happens on the client side? Does the user still keep keep the cookie with the session ID which now no longer has a corresponding session object on the server and keeps sending this to the webserver? And what happens when the user wants to login again after logging out?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-02T02:24:56+00:00

Editorial Team

2026-06-02T02:24:56+00:00Added an answer on June 2, 2026 at 2:24 am

I imagine the sessionId cookie will still be kept, but since this sessionId will not match any session object in the server’s memory, it will be discarded by the server next time user tries to login again. On the server side it will be quite transparent, request.getSession() will return a new session object automatically.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

When a user has an associated HttpSession object and then want to log out

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply