[英]use one session attribute for different servlets
我已经为用户创建了登录环境,我已经从数据库中检索了用户名和密码进行登录。并将用户名设置为会话中的字符串。现在我想对另一个servlet使用相同的用户名。在两个servlet中使用相同的字符串。如何为另一个servlet使用相同的会话属性。下面是我的代码。 loginservlet
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
@WebServlet(urlPatterns = {"/LoginServlet"})
public class LoginServlet extends HttpServlet {
String userid, pwd;
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
Connection connection = null;
Statement statement = null;
userid = request.getParameter("uname");
pwd = request.getParameter("pass");
try {
dbconnector dbc = new dbconnector();
connection = dbc.Open();
PreparedStatement ps = connection.prepareStatement("select * from member where uname='" + userid + "' and pass='" + pwd + "'");
ResultSet rs = ps.executeQuery();
if (rs.next()) {
HttpSession session = request.getSession();
session.setAttribute("userid", userid);
//out.println("welcome " + userid);
//out.println("<a href='logout.jsp'>Log out</a>");
response.sendRedirect("success.jsp");
} else {
request.setAttribute("errorMessage", "Invalid user or password");
RequestDispatcher rd = getServletContext().getRequestDispatcher("/index.jsp");
rd.include(request, response);
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
我要在此处使用会话值userid的profile servlet
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
@WebServlet(urlPatterns = {"/usesesvaluegetdbdata"})
public class usesesvaluegetdbdata extends HttpServlet {
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
Connection connection = null;
Statement statement = null;
String userid;
try {
dbconnector dbc = new dbconnector();
connection = dbc.Open();
PreparedStatement ps = connection.prepareStatement("select eid,ename from member where uname='" + userid + "' and pass='" + pwd + "'");
} catch (Exception e) {
e.printStackTrace();
}
}
在第一个servlet
您将像session
那样存储值。
HttpSession session = request.getSession();
session.setAttribute("userid", userid);
同样,您需要从第二个servlet
session
中检索这些值,例如
HttpSession session = request.getSession();
String userid=(String)session.getAttribute("userid");//cast to String, default its Object
现在,使用此userid
在第二个变量servlet
。
像这样准备preparestatement以避免SQL注入
首先像这样将值存储在会话中
HttpSession session = request.getSession();
session.setAttribute("userid", userid);
这样访问会话值
HttpSession session=request.getSession();
String username = session.getAttribute("userid").toString() ;
在“配置文件” Servlet中,您可以使用以下方法查找HttpSession。
HttpSession httpSession = request.getSession(false);
如果在登录servlet之前调用了概要文件servlet,则“ false”将确保您不会创建新的会话。
一旦获得会话,就可以读取之前存储的属性值。
我不能使用什么意思?
如果您想在其他servlet中使用存储的值,请执行此HttpSession session = request.getSession();。 字符串user = session.getAttribute(“ userid”);
如果您想使用相同的key(“ userid”)为其设置新值,则无法执行此操作,因为即使创建新的会话对象,会话范围在每个地方都是通用的,所以您在后台使用同一会话,因此应选择新的字符串。
尝试这个 ....
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
@WebServlet(urlPatterns = {"/LoginServlet"})
public class LoginServlet extends HttpServlet {
String userid, pwd;
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
Connection connection = null;
Statement statement = null;
userid = request.getParameter("uname");
pwd = request.getParameter("pass");
try {
HttpSession session = request.getSession(true);//true if first session else use false
if (SessionManager.checkUserSession(session)) {
dbconnector dbc = new dbconnector();
connection = dbc.Open();
PreparedStatement ps = connection.prepareStatement("select * from member where uname='" + userid + "' and pass='" + pwd + "'");
ResultSet rs = ps.executeQuery();
if (rs.next()) {
session.setAttribute("userid", userid);
//out.println("welcome " + userid);
//out.println("<a href='logout.jsp'>Log out</a>");
response.sendRedirect("success.jsp");
} else {
request.setAttribute("errorMessage", "Invalid user or password");
RequestDispatcher rd = getServletContext().getRequestDispatcher("/index.jsp");
rd.include(request, response);
}
}
request.setAttribute("statuscode", "HTTP_STATUS_INVALID_SESSION");
} catch (Exception e) {
e.printStackTrace();
}
}
}
sessionmanager的代码
public class SessionManager {
public static boolean checkUserSession(HttpSession loginSession) {
if ((loginSession == null) || (loginSession.toString().isEmpty())) {
return false;
} else if (loginSession.isNew()) {
return false;
} else {
return true;
}
}
}
用于更改用户名或访问它的使用
HttpSession session = request.getSession();
String userid=(String)session.getAttribute("userid");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.