如何禁用默认的servlet容器会话？ [英] How to disable default servlet container session?

问题描述

在J2EE Web应用程序中，如何禁用默认的HttpSession创建？

In J2EE web application, how do I disable the default HttpSession creation?

我们有自己的跟踪会话方式，我们不使用默认的jsp / servlet会话，但默认会话在浏览器中设置cookie，我想避免。现在在每个JSP页面上我们在页面指令中指定为session =false，但是通常一些开发人员错过了这一部分，所以我试图找到一个可以控制默认会话的公共位置。

We have our own way of tracking session, we don't use default jsp/servlet session but the default session sets cookie in browser which I would like to avoid. Right now on every JSP page we specify as session="false" in page directive but often some developers missing this part, so I am trying to find a common place where I can control default session.

推荐答案

我正在寻找一个可以控制默认会话的公共场所。

I am trying to find a common place where I can control default session.

答案是servletcontainer特定的，因为那是负责会话创建和管理的人。标准的Servlet API不对此负责。目前还不清楚你正在使用哪个servlet容器，所以这里有一个Tomcat目标答案：创建你自己的 <经理> 。

The answer is servletcontainer specific since that's the one responsible for session creation and management. The standard Servlet API isn't responsible for that. It's unclear which servletcontainer you you're using, so here's a Tomcat targeted answer: create your own <Manager>.

或者，您也可以完全禁用cookie支持并且仅依赖URL重写（但不是这样做）。这样会话就无法在请求中生存。您可以通过设置 <$ c的 cookie 属性来执行此操作，例如Tomcat $ c>< Context> 元素到 false 。

Alternatively, you can also entirely disable cookie support and rely on URL rewriting only (but not do it). This way sessions won't survive among requests. You can do this in in for example Tomcat by setting the cookie attribute of the <Context> element to false.

如果您正在使用另一个servletcontainer，那么您需要根据上面的新学习信息和关键字查阅其文档，或者只是提到它是哪一个。

If you're using another servletcontainer, then you need to consult its documentation based on the newly learnt information and keywords here above, or just to mention here which one it is.

这篇关于如何禁用默认的servlet容器会话？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！