I am trying to write an application for google app engine that would be available only for myself. (I know it sounds strange..just for the time being) I am trying to write a Login servlet that would authenticate user using google's UserService and let the user into the app only if I login and would show a brief message prompting for logout for everyone else.
Here is the code I have written :
public class MainPageServlet extends HttpServlet {
public void doGet(HttpServletRequest req, HttpServletResponse resp)
throws IOException {
resp.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
resp.setContentType("text/html");
UserService userService = UserServiceFactory.getUserService();
User user = userService.getCurrentUser();
if (user != null) {
if(user.getEmail().equals("[email protected]")) {
resp.getWriter().println("done");
}
else {
resp.getWriter().println("Hello, " + user.getNickname()+"<br>");
resp.getWriter().println("Thanks for your interest. But this application is still not available to everybody.");
resp.getWriter().println("<a href="+UserServiceFactory.getUserService().createLogoutURL(userService.createLoginURL(req.getRequestURI()))+">Log out</a>");
}
} else {
resp.sendRedirect(userService.createLoginURL(req.getRequestURI()));
}
}
}
The code related to "driving away" all other users works fine. But I am facing problems when I login : After I login, it shows the message "done" as expected. However, after this, if I open some other google service and logout from there and again invoke this servlet, it still shows the message "done". I had expected that the app would prompt me for login again..which is not happening..I thought its happening because the result is getting cached and so disabled caching(1st line in the method)...but the problem persists even after that..whats wrong? How do I get the expected behavior?