在声明了它的servlet或将使用其值的jsp页面中使会话无效会更好吗?
[英]Is it better to invalidate a session in a servlet in which it is declared or in the jsp page where its values will be used?
问题描述
Is it better to invalidate a session in a servlet in which it is declared or in the JSP page where its values will be used ? 
在声明了它的servlet或将使用其值的JSP页面中使会话无效是否更好?
I am posting the code of servlet below - 我在下面发布servlet的代码-
package Controller.UploadInfo;
import File.FileOperations;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import Controller.DatabaseException.*;
public class AttendenceInfoUpload extends HttpServlet {
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
try (PrintWriter out = response.getWriter()) {
HttpSession session;
if (FileOperations.fileUpload(request)) {
try {
FileOperations.excelToAttendence();
request.getRequestDispatcher("UploadSuccess.jsp").forward(request, response);
} catch (DBException e) {
session = request.getSession(true);
session.setAttribute("exception",e);
request.getRequestDispatcher("FileUpload.jsp").forward(request, response);
session.invalidate();
}
} else {
session = request.getSession(true);
session.setAttribute("exception"," File Upload Failed " );
request.getRequestDispatcher("FileUpload.jsp").forward(request, response);
}
}
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
}
@Override
public String getServletInfo() {
return "Short description";
}// </editor-fold>
}
In the given servlet above I have invalidated the session right after the getRequestDispatcher() in the catch block. 在上面给定的servlet中,我使catch块中的getRequestDispatcher()之后的会话无效。 Although the code is working, my concern is will it cause the exception message to loose before it can be displayed in the JSP page. 尽管代码可以正常工作,但我担心的是它将导致异常消息丢失,然后才能在JSP页面中显示该异常消息。 Or is it better to invalidate the session declared in the servlet in the JSP page where its values will be displayed. 还是使在JSP页面的servlet中声明的会话无效(在该会话中将显示其值)。
The JSP page - JSP页面-
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%@page import = "java.io.*" %>
<!DOCTYPE html>
<html>
<head>
<title>TODO supply a title</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<h1>Excel File Upload Example</h1>
<form name="form1" method="post" action="AttendenceInfoUpload" enctype="multipart/form-data">
<table border="1">
<col width="120">
<tr>
<td>Upload Excel File:</td>
<td><input type="file" name="Select File"/></td>
</tr>
<tr>
<td> </td>
<td><input name="" type="submit" value="upload" /></td>
</tr>
</table>
</form>
<c:if test="${not empty exception}">
<label>
<font color="red">
<c:out value="Error:${exception}"></c:out>
</font>
</label>
</c:if>
</body>
</html>
One can suggest an alternate solution as well? 也可以提出另一种解决方案吗?
2 个解决方案
解决方案1
0 2015-04-26 09:23:51
The best solution is probably to invalidate the session in the servlet but make sure that any values required by the JSP are stored in the request rather than in the session. 最好的解决方案可能是使Servlet中的会话无效,但要确保JSP所需的所有值都存储在请求中而不是会话中。 I say this because it is best practice to put all logic in beans or servlet code and keep JSPs for layout only. 我之所以这样说,是因为最佳实践是将所有逻辑放入bean或servlet代码中,并保留JSP仅用于布局。
解决方案2
0 2015-04-26 09:38:30
There's no need to invalidate a session. 无需使会话无效。 Also there's no need to use a session attribute. 同样,也不需要使用会话属性。 If you want to forward to a error page you can use request attribute. 如果要转发到错误页面,可以使用request属性。 Using a session heavily is a bad practice because it requires a lot of memory to utilize those variables you put into it. 大量使用会话是一种不好的做法,因为它需要大量内存才能利用您放入会话中的那些变量。
} catch (DBException e) {
request.setAttribute("exception",e);
request.getRequestDispatcher("FileUpload.jsp").forward(request, response);
}
as I said it's not a good practice to invalidate a session when you are going to forward to a error page. 正如我说的那样,当您要转到错误页面时,使会话无效不是一个好习惯。 Even if JSP page is rendered in the same thread other threads that can use the same session might not work. 即使在同一线程中呈现JSP页面,也可以使用同一会话的其他线程可能无法工作。 And you can't use session variables after the session is invalidated. 会话无效后,您将无法使用会话变量。 However it's rarely happens but other request might invalidate a session while JSP is rendered. 但是,这种情况很少发生,但是在呈现JSP时其他请求可能会使会话无效。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.