[英]Java servlet, session: null session gets created, can't invalidate it
I have a form that takes a username and passes it to LoginServlet.java
which in turn: 我有一个接受用户名并将其传递给LoginServlet.java
的表单,后者依次是:
LoginResultView.jsp
which dispays a "Successful login, %username%" message 如果没有会话:为该用户名创建一个会话,然后将请求转发到LoginResultView.jsp
,该消息将LoginResultView.jsp
“成功登录,%username%”消息 form : 形式 :
<form method="POST" action="LoginResult.do">
<div>
<label id="username-label" for="usr">username:</label><br/><br/>
<input type="text"
value="Enter a username"
class="form-control form-input-field form- username-input-field default"
id = "form-username-input-field" name="login-username"
>
</div>
<button class="btn btn-success" type="submit">Sign up</button>
</form>
servlet: servlet的:
public class LoginServlet extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response) throws
IOException, ServletException {
String username = request.getParameter("login-username");
response.setContentType("text/html");
HttpSession session = request.getSession(false);
if (session==null) {
session = request.getSession(true);
session.setAttribute("loginUsername", username);
RequestDispatcher view= request.getRequestDispatcher("view/LoginResultView.jsp");
view.forward(request, response);
}
else {
response.getWriter().println(
"wow, how are you here, " +
session.getAttribute("loginUsername"));
response.getWriter().println(
session.getMaxInactiveInterval());
session.invalidate();
}
}
}
I also have a navbar that, if there's no session, displays two buttons: Log In and Sign Up and if there's a session, it displays a loginUsername
attribute, associated with that session: 我还有一个导航栏,如果没有会话,则显示两个按钮:“登录”和“注册”,如果有会话,则显示与该会话相关联的loginUsername
属性:
<% HttpSession session2 = request.getSession(false);
if (session.getAttribute("loginUsername") != null) {
%>
<div class="dropdown navbar-link">
<button class="btn btn-secondary dropdown-toggle"
type="button" id="dropdownMenuButton"
data-toggle="dropdown"
aria-haspopup="true" aria-expanded="false">
<a href="${pageContext.request.contextPath}/Login.jsp">
<%out.println(session2.getAttribute("loginUsername"));%>
</a>
</button>
<div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
<a class="dropdown-item"
href="${pageContext.request.contextPath}">Profile</a>
<a class="dropdown-item"
href="#">Link2</a>
<a class="dropdown-item"
href="${pageContext.request.contextPath}/LogoutResult.do">
Log out
</a>
</div>
</div>
<%
}
else {
%>
<a href="${pageContext.request.contextPath}/Login.jsp"
class="btn btn-info" role="button">Log in
</a>
<a href="${pageContext.request.contextPath}/Login.jsp"
class="btn btn-info" role="button">Sign up
</a>
<%
}
%>
The problem is this: even if there's seemingly no session (it's the two Log in and Sign Up buttons up there) when I fill up the form and send it to LoginServlet
I still get a message wow, how are you here, null 120
(120 is a session-timeout
, specified in web.xml file). 问题是这样的:即使在我填写表单并将其发送给LoginServlet
时,似乎没有会话(这是两个“登录”和“注册”按钮),我仍然收到消息wow, how are you here, null 120
( 120是session-timeout
,在web.xml文件中指定)。 Then, I can only send the form's data by sending the same POST data again (I click the round Renew button and click OK on save previous data). 然后,我只能通过再次发送相同的POST数据来发送表单的数据(我单击了“续订”按钮,然后单击“保存”上的“确定”)。 Only after that do I get the LogoutResultView.jsp
page. 只有在那之后,我才能获得LogoutResultView.jsp
页面。
Why does this happen? 为什么会这样? Where does this null
session comes from? null
会话来自何处? How do I fix it? 我如何解决它?
The session you get is not null. 您获得的会话不为空。 Otherwise you would get an NPE. 否则,您将获得NPE。
You need to put the session="false"
attribute into the <%@page%>
directive of your Navbar JSP. 您需要将session="false"
属性放入Navbar JSP的<%@page%>
指令中。 Otherwise, a session is immediately generated when the JSP is first visited. 否则,当首次访问JSP时,将立即生成会话。 For example:` 例如:
<%@ page language="java" contentType="text/html; charset="ISO-8859-1"
pageEncoding="ISO-8859-1" session="false"
import="java.util.*" %>`
The session
attribute defaults to true, so if you don't have it explicitely, a session will always be created in the background if none exists. session
属性默认为true,因此,如果您没有明确指定该属性,则如果不存在会话,则始终在后台创建会话。
So, if (session.getAttribute("loginUsername") != null)
does not generate a NPE, as it usually would. 因此, if (session.getAttribute("loginUsername") != null)
不会像通常那样生成NPE。
If you put session="false"
into your page directive, the check must be if ( session == null )
. 如果将session="false"
放入page指令,则检查必须为if ( session == null )
。 That's want you want. 那就是你想要的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.