如何在java中创建用于登录和注销的会话
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/26479217/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to create session for login and logout in java
提问by Madhavi Talla
This is the code that I have written in login page
这是我在登录页面写的代码
HttpSession session = request.getSession(true);
session.setAttribute("name", user1);
String nme=(String) session.getAttribute("name");
And, This is the code for logout.jsp
而且,这是logout.jsp的代码
<% request.getSession().invalidate();
OR
或者
if(session!=null){
session=null;
}
OR
或者
request.getSession().setAttribute("name", null); //it just assigns null to attribute
response.sendRedirect("login.jsp");
%>
session is creating, But after logout button is working.... I want that back button should not work.
会话正在创建,但在注销按钮工作后......我希望后退按钮不起作用。
回答by Nishad K Ahamed
just remove the attribute from session, and check if it exists.....
只需从会话中删除该属性,然后检查它是否存在.....
request.getSession.removeAttribute("name")
and check like:
并检查如下:
if(request.getSession.getAttribute("name")==null){
}
回答by Shishir Kumar
To logout or invalidate from the current session, you have the correct code in place, as below.
要从当前会话注销或失效,您需要正确的代码,如下所示。
request.getSession().invalidate();
Now, after you hit the back button of the browser, it is loading the page from the cache. So in order to take care of this situation you can do below 2 things.
现在,在您点击浏览器的后退按钮后,它正在从缓存中加载页面。因此,为了解决这种情况,您可以做以下两件事。
Manipulate the browser history using HTML 5's
HistoryAPI so that when you click the back button it goes to the desired location as you manipulate it.Suggest user to close the page, as general secured websites do after successful session logout, like bank websites & financial websites.
使用 HTML 5 的
HistoryAPI操作浏览器历史记录,这样当您单击后退按钮时,它会在您操作时转到所需的位置。建议用户关闭页面,就像一般的安全网站在成功退出会话后所做的那样,如银行网站和金融网站。
Alternatively, you can write & configure an interceptor class in servlet container/server end to manipulate the cache by adding below parameters in the response.
或者,您可以在 servlet 容器/服务器端编写和配置拦截器类,通过在响应中添加以下参数来操作缓存。
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
response.setHeader("Expires", "-1");
Hope this helps you out.
希望这可以帮助你。
回答by Scary Wombat
Your problem is not with the session, as it will not be used in page that has already been loaded and simply loaded from the cache (back button functionality)
您的问题不在于会话,因为它不会在已经加载并且只是从缓存加载的页面中使用(后退按钮功能)
Consider utilizing localtion.href.replacein you client code.
考虑localtion.href.replace在您的客户端代码中使用。
localtion.href.replace(url):Replace the current document with the one at the provided URL. The difference from the assign() method is that after using replace() the current page will not be saved in session history, meaning the user won't be able to use the Back button to navigate to it.
localtion.href.replace(url):用提供的 URL 中的文档替换当前文档。与assign() 方法的不同之处在于,在使用replace() 后,当前页面将不会保存在会话历史记录中,这意味着用户将无法使用后退按钮导航到该页面。
