在java servlet中使用Sessions [英] Using Sessions in java servlet

问题描述

谁能告诉我如何在登录方法中使用会话？这里我的登录代码及其工作正常。

can anyone tell me how to use sessions in login methods? here my loging code and its working correctly.

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		String operation = request.getParameter("operation");
		if(operation!=null && operation.equalsIgnoreCase("login")){
			loginDetail(request,response);
		}//else if(operation!=null && operation.equalsIgnoreCase("login")){
			//logout(request,response);
		//}
	}

	private void loginDetail(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{

		
		User u = new User();
		UserService us =new UserServiceImpl() ;
		
		String Uname = request.getParameter("txtUname");		
		String Pwrd = request.getParameter("txtPwrd");	
		
		u.setUname(Uname);
		u.setPwrd(Pwrd);
		
		System.out.println(Uname+""+Pwrd);
		try {
			if(us.Userlogin(u.getUname(),u.getPwrd())){     
				String message = "Thank you, " + Uname +"..You are now logged into the system";
				HttpSession session = request.getSession(true);
			    session.setAttribute("username", Uname);
			    session.setAttribute("password", Pwrd);	 		
		        response.setContentType("text/html");
			    request.setAttribute("message", message);
				request.getRequestDispatcher("/Menu.jsp").forward(request, response);
			}else {
				String message = "You have to register first or check Your user name password again!";				
				request.setAttribute("loginMsg", message);
				RequestDispatcher rd = getServletContext().getRequestDispatcher("/Login.jsp");
				rd.forward(request, response); 
			}
		} catch (Exception e) {
			// TODO Auto-generated catch block			
			e.printStackTrace();
		}
	}
}

如果您需要有关我的完整代码的更多详细信息，请访问以下链接



http://www.codeproject.com/Messages/4603628/Re-Login-process-Always-false-cannot-find-the-erro.aspx [ ^ ]

推荐答案

您好！ ：

当我把你的问题读到最后，我想，你想保持HttpSession的续航时间。 链接可能会为您提供参考。在我看来，保持Session时间就像

Hello! :
When I read your question to the end and I think , you wanna keep the HttpSession life time. That link may be reference for you. In my opinion, to keep the Session time is like that

session.setMaxInactiveInterval(2 * 60 * 60); // two hours

我只是Java学习者，如果你知道更好的方法，请分享给我们。 ：）

I'm just Java Learner and if you know the better way, share us please. :)

这是在web.xml中设置会话超时的更优选方式。

This is more preferred way to set session time out in web.xml.

<session-config>
    <session-timeout>30</session-timeout>
  </session-config>

要验证每个请求（无论是否在同一会话中），请执行以下步骤



1.如果登录成功，请在会话中放置一个标记（在您的情况下为用户名）。

2.创建一个拦截每个请求的过滤器。

3.内部过滤器检查是否记录用户或不（检查记录的用户从会话中提取标志信息（此处为用户名））。

4.如果登录用户然后继续，否则重定向到登录页面

And to validate the each request(whether in same session or not) do the following steps

1. if login success, put a flag(user name in your case) into the session.
2. Create a filter which intercept each request.
3. Inside filter check whether logged user or not(to check logged user extract the flag info(here user name) from session ).
4. if logged user then continue otherwise redirect to the login page

private void loginSession(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{ 

   HttpSession session = request.getSession(true); 
   Object user = session.getAttribute("username");
   if(user == null){
      //go to log in page
   }else{
     //already logged in .
   }
}

这篇关于在java servlet中使用Sessions的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！