Java Servlet会话:创建空会话,无法使其无效
[英]Java servlet, session: null session gets created, can't invalidate it
问题描述
I have a form that takes a username and passes it to LoginServlet.java which in turn: 
我有一个接受用户名并将其传递给LoginServlet.java的表单,后者依次是:
- If there's no session: creates a session for that username and forwards the request to
LoginResultView.jspwhich dispays a "Successful login, %username%" message如果没有会话:为该用户名创建一个会话,然后将请求转发到LoginResultView.jsp,该消息将LoginResultView.jsp“成功登录,%username%”消息 - If there already is a session, prints out "wow..." and invalidates the old session: 如果已经有一个会话,则输出“哇...”并使旧会话无效:
form : 形式 :
<form method="POST" action="LoginResult.do">
<div>
<label id="username-label" for="usr">username:</label><br/><br/>
<input type="text"
value="Enter a username"
class="form-control form-input-field form- username-input-field default"
id = "form-username-input-field" name="login-username"
>
</div>
<button class="btn btn-success" type="submit">Sign up</button>
</form>
servlet: servlet的:
public class LoginServlet extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response) throws
IOException, ServletException {
String username = request.getParameter("login-username");
response.setContentType("text/html");
HttpSession session = request.getSession(false);
if (session==null) {
session = request.getSession(true);
session.setAttribute("loginUsername", username);
RequestDispatcher view= request.getRequestDispatcher("view/LoginResultView.jsp");
view.forward(request, response);
}
else {
response.getWriter().println(
"wow, how are you here, " +
session.getAttribute("loginUsername"));
response.getWriter().println(
session.getMaxInactiveInterval());
session.invalidate();
}
}
}
I also have a navbar that, if there's no session, displays two buttons: Log In and Sign Up and if there's a session, it displays a loginUsername attribute, associated with that session: 我还有一个导航栏,如果没有会话,则显示两个按钮:“登录”和“注册”,如果有会话,则显示与该会话相关联的loginUsername属性:
<% HttpSession session2 = request.getSession(false);
if (session.getAttribute("loginUsername") != null) {
%>
<div class="dropdown navbar-link">
<button class="btn btn-secondary dropdown-toggle"
type="button" id="dropdownMenuButton"
data-toggle="dropdown"
aria-haspopup="true" aria-expanded="false">
<a href="${pageContext.request.contextPath}/Login.jsp">
<%out.println(session2.getAttribute("loginUsername"));%>
</a>
</button>
<div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
<a class="dropdown-item"
href="${pageContext.request.contextPath}">Profile</a>
<a class="dropdown-item"
href="#">Link2</a>
<a class="dropdown-item"
href="${pageContext.request.contextPath}/LogoutResult.do">
Log out
</a>
</div>
</div>
<%
}
else {
%>
<a href="${pageContext.request.contextPath}/Login.jsp"
class="btn btn-info" role="button">Log in
</a>
<a href="${pageContext.request.contextPath}/Login.jsp"
class="btn btn-info" role="button">Sign up
</a>
<%
}
%>
The problem is this: even if there's seemingly no session (it's the two Log in and Sign Up buttons up there) when I fill up the form and send it to LoginServlet I still get a message wow, how are you here, null 120 (120 is a session-timeout , specified in web.xml file). 问题是这样的:即使在我填写表单并将其发送给LoginServlet时,似乎没有会话(这是两个“登录”和“注册”按钮),我仍然收到消息wow, how are you here, null 120 ( 120是session-timeout ,在web.xml文件中指定)。 Then, I can only send the form's data by sending the same POST data again (I click the round Renew button and click OK on save previous data). 然后,我只能通过再次发送相同的POST数据来发送表单的数据(我单击了“续订”按钮,然后单击“保存”上的“确定”)。 Only after that do I get the LogoutResultView.jsp page. 只有在那之后,我才能获得LogoutResultView.jsp页面。
Why does this happen? 为什么会这样? Where does this null session comes from? null会话来自何处? How do I fix it? 我如何解决它?
1 个解决方案
解决方案1
2 已采纳 2019-01-25 17:02:49
The session you get is not null. 您获得的会话不为空。 Otherwise you would get an NPE. 否则,您将获得NPE。
You need to put the session="false" attribute into the <%@page%> directive of your Navbar JSP. 您需要将session="false"属性放入Navbar JSP的<%@page%>指令中。 Otherwise, a session is immediately generated when the JSP is first visited. 否则,当首次访问JSP时,将立即生成会话。 For example:` 例如:
<%@ page language="java" contentType="text/html; charset="ISO-8859-1"
pageEncoding="ISO-8859-1" session="false"
import="java.util.*" %>`
The session attribute defaults to true, so if you don't have it explicitely, a session will always be created in the background if none exists. session属性默认为true,因此,如果您没有明确指定该属性,则如果不存在会话,则始终在后台创建会话。
So, if (session.getAttribute("loginUsername") != null) does not generate a NPE, as it usually would. 因此, if (session.getAttribute("loginUsername") != null)不会像通常那样生成NPE。
If you put session="false" into your page directive, the check must be if ( session == null ) . 如果将session="false"放入page指令,则检查必须为if ( session == null ) 。 That's want you want. 那就是你想要的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.