从HttpSession中存储/检索常用数据的最佳方法
[英]Best way to store/retrieve frequently used data from the HttpSession
问题描述
I have a standard GAE app with Java servlets. 
我有一个带有Java Servlet的标准GAE应用程序。 I want to implement user role functionality throughout the system. 我想在整个系统中实现用户角色功能。 For this purpose I want to retrieve user role from the database and store it in the session, in such a way all servlets will have access to this data. 为此,我想从数据库中检索用户角色并将其存储在会话中,这样所有servlet都可以访问此数据。 I read some articles about it and the basic way to do it is to use Filters to populate HttpSession with necessary data. 我读了一些有关它的文章,而实现它的基本方法是使用过滤器在HttpSession中填充必要的数据。 However, in this case I should retrieve data from the HttpSession in every servlet in the same way, which results in code duplicates. 但是,在这种情况下,我应该以相同的方式从每个Servlet中的HttpSession检索数据,这将导致代码重复。 Evident solution for this problem is just to derive from HttpServlet class and create own Servlet with necessary methods for working with HttpSession (eg protected Role getUserRole()). 解决此问题的方法仅仅是从HttpServlet类派生,并使用用于HttpSession的必要方法(例如,受保护的角色getUserRole())创建自己的Servlet。 This makes the usage of the Filters pointless. 这使得过滤器的使用毫无意义。 Is there any reason to use Filters in this case? 在这种情况下,有什么理由要使用过滤器吗?
2 个解决方案
解决方案1
0 2012-12-21 23:22:14
You should have a top level filter, which maps to /* . 您应该有一个顶级过滤器,它映射到/* 。 This filter will do the fetching of role from database , if not present in session. 如果会话中不存在此过滤器,则会从数据库中提取角色。 Now you extend HttpServletRequest and create a wrapper overriding isUserInRole() method, so that role is fetched as you like. 现在,您扩展HttpServletRequest并创建一个覆盖isUserInRole()方法的包装器,以便根据需要获取该角色。 Create an object of this request object and use in chain.doFilter in Filter. 创建此request对象的对象,并在Filter中的chain.doFilter中使用。
So all Servlets can just call request.isUserInRole() to check roles 因此,所有Servlet都可以仅调用request.isUserInRole()来检查角色
解决方案2
0 2012-12-21 23:30:43
You can have a main servlet that directly inherit from HttpServlet, this servlet knows how to get the user roles from the HttpSession via protected Role getUserRole() . 您可以有一个直接从HttpServlet继承的主Servlet,该Servlet知道如何通过受保护的Role getUserRole()从HttpSession中获取用户角色。 All other servlets within your application should then subclass that main servlet to have the common functionality available to them. 然后,您的应用程序中的所有其他servlet应该对该主servlet进行子类化,以使其具有通用功能。
Servlet filters get invoked prior to the invocation of any other servlet, the main purpose of filters is to decorate the requests/responses before handing them over to the servlets for further processing. Servlet过滤器在调用任何其他Servlet之前被调用,过滤器的主要目的是在将请求/响应传递给Servlet进行进一步处理之前修饰请求/响应。 You have the choice of accessing your database from within the filters and populate the HttpSession accordingly, then each servlet will know how to retrieve that information from the HttpSession later on. 您可以选择从过滤器中访问数据库,并相应地填充HttpSession,然后每个Servlet都会知道如何稍后从HttpSession中检索该信息。
The other option that I recommend here is to populate the HttpSession with the user roles from within the first servlet that process the request (you could have another common method of the main servlet to do that, eg protected void populateUserRole(HttpSession httpSession)). 我在这里推荐的另一个选项是在处理请求的第一个servlet中用用户角色填充HttpSession(您可以使用主servlet的另一种常用方法来执行此操作,例如,受保护的void populateUserRole(HttpSession httpSession))。
Cheers; 干杯;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.