java HttpSessionListener (sessionCreated/destroyed) - 奇怪的行为
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6175659/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
HttpSessionListener (sessionCreated/destroyed) - strange behaviour
提问by gaffcz
I'm trying to use HttpSessionListener:
我正在尝试使用 HttpSessionListener:
public class SessionListener implements HttpSessionListener
{
public void sessionCreated(HttpSessionEvent event) {
System.out.println("ID Session Created: " + event.getSession().getId());
}
public void sessionDestroyed(HttpSessionEvent event) {
System.out.println("ID Session Destroyed: " + event.getSession().getId());
}
}
web.xml:
网页.xml:
<listener>
<listener-class>session.SessionListener</listener-class>
</listener>
UserManager.java:
用户管理器.java:
@SessionScoped
@ManagedBean(name="userManager")
public class UserManager extends Tools
{
/**/
private static final long serialVersionUID = -8522314095497978567L;
private String username;
private String password;
private transient HttpSession session = null;
public String login()
{
user = (User) find(username, password);
if (user != null)
{
username = password = null;
FacesContext context = FacesContext.getCurrentInstance();
session = (HttpSession) context.getExternalContext().getSession(true);
session.setAttribute("id", user.getID());
}
}
public void logout()
{
user = null;
FacesContext context = FacesContext.getCurrentInstance();
session = (HttpSession) context.getExternalContext().getSession(true);
session.invalidate();
}
// getters and setters ----------------------------------------------------
}
It works, but little bit strangely.
它有效,但有点奇怪。
If i logout, it reports to the console:
如果我注销,它会向控制台报告:
ID Session Destroyed: 807DEDB88D35C0351BF2B9FBA83519AB
ID Session Created: 8A029C95E6BA9DF17FB91C7F3AC81B24
If login, there is nothing in console.
如果登录,控制台中没有任何内容。
What I'm doing wrong?
我做错了什么?
回答by Kris
A session is created the moment your browser makes a request to the webserver, not when you 'log in'. A session will always exist for each client that the server is interacting with. It does not matter if you store anything in that session or otherwise make use of it.
会话是在您的浏览器向网络服务器发出请求的那一刻创建的,而不是在您“登录”时创建的。对于服务器与之交互的每个客户端,会话将始终存在。是否在该会话中存储任何内容或以其他方式使用它都无关紧要。
When you logout, you force the server to discard the current session, but since it still needs to communicate with the client a new ('clean') session is created. This new session is likely still in effect when you log in.
当您注销时,您会强制服务器放弃当前会话,但由于它仍然需要与客户端通信,因此会创建一个新的(“干净”)会话。当您登录时,此新会话可能仍然有效。
I'm sure if you shut down your server and delete all its working cache, you'll see the session created message on the first hit from your browser.
我敢肯定,如果您关闭服务器并删除其所有工作缓存,您将在浏览器第一次点击时看到会话创建消息。
回答by sudmong
session = (HttpSession) context.getExternalContext().getSession(true);The above line in the logout method should have 'getSession()' without true.
session = (HttpSession) context.getExternalContext().getSession(true);注销方法中的上述行应该有 'getSession()' 而不是 true。
getSession(boolean)
Returns the current HttpSession associated with this request or, if if there is no current session and create is true, returns a new session.
获取会话(布尔值)
返回与此请求关联的当前 HttpSession,或者,如果没有当前会话并且 create 为 true,则返回一个新会话。
