如何从JSESSIONID加载Java HttpSession? [英] How can i load Java HttpSession from JSESSIONID?

问题描述

我想通过JSESSIONID获得Java HttpSession.是否有可能?如果是，怎么办?

I want to get Java HttpSession by JSESSIONID. Is it possible? If yes, how?

推荐答案

您需要将它们全部收集在 Map . html"rel =" noreferrer> HttpSessionListener 自己.

You need to collect them all in a Map using a HttpSessionListener yourself.

public class HttpSessionCollector implements HttpSessionListener {
    private static final Map<String, HttpSession> sessions = new HashMap<String, HttpSession>();

    @Override
    public void sessionCreated(HttpSessionEvent event) {
        HttpSession session = event.getSession();
        sessions.put(session.getId(), session);
    }


    @Override
    public void sessionDestroyed(HttpSessionEvent event) {
        sessions.remove(event.getSession().getId());
    }

    public static HttpSession find(String sessionId) {
        return sessions.get(sessionId);
    }

}

只需按如下所示在web.xml中注册即可运行它:

Just register it in web.xml as follows to run it:

<listener>
    <listener-class>com.example.HttpSessionCollector</listener-class>
</listener>

然后，在任何您想执行的地方执行HttpSessionCollector.find(sessionId)来获取有问题的HttpSession.

Then, anywhere you want just do HttpSessionCollector.find(sessionId) to get the HttpSession in question.

也就是说，这是一种巨大的气味.当然，要解决 actual 功能需求，还有更好的方法；)正如我在您的后续问题:

That said, this is a huge smell. There are certainly better ways to solve the actual functional requirement than this ;) As I commented in your follow-up question:

这是您第二次询问一个在现实世界中永远不应该实践的问题.老实说，这一切都有味道.这是什么，您认为在服务器端与JSESSONID关联HttpSession并在客户端获得JSESSIONID值的问题是解决方案"?在新问题中对此进行详细说明，您将获得正确方法的答案.

This is the 2nd time that you asked a question which in real world should never be practiced. Honestly said, this all smells. What is it, the problem for which you think that getting the HttpSession associated with JSESSONID in server side and getting the JSESSIONID value in client side is "the" solution? Elaborate about this in a new question, you'll get answers how to do it the right way.

认真对待.我们不是在取笑您，我们只是在尝试向您提供正确的方向，以避免您的项目/网络应用由于安全漏洞和不良做法而中断，并且/或者您将被解雇.

Take it serious. We're not teasing you, we're just trying to help you in the right direction to avoid that your project/webapp will break due to security holes and bad practices and/or that you will get fired.

这篇关于如何从JSESSIONID加载Java HttpSession?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！