在Firefox中立即刪除Servlet會話

Question

我目前使用登錄表單創建一個servlet。 當我將我的憑證輸入到表單中並按下登錄按鈕時，我會將其轉發給僅限會員的頁面，但如果我重新加載頁面，我將不再登錄。如果我第二次重複登錄過程，我會保持登錄狀態，並可以自由地留在會員區，直到我自願退出。

這隻發生在Firefox和Chrome中，這個問題在IE中並沒有發生。

這裏是我的登陸類：

public class Login extends HttpServlet 
    { 
    private String title; 

    public void init() throws ServletException 
    { 
     title = "Login"; 
    } 

    protected void doPost(HttpServletRequest request, HttpServletResponse response) 
         throws ServletException, IOException { 
      response.setContentType("text/html"); 
      PrintWriter out=response.getWriter(); 

      String username=request.getParameter("username"); 
      String password=request.getParameter("password"); 

      if(password.equals("123") && username.equals("name")) 
      { 
       HttpSession session=request.getSession(); 
       session.setAttribute("name", username); 
       loginName = (String) session.getAttribute("name"); 
       out.println("<html>"); 
       out.println("<head>"); 
       //... 
       out.println("<title>" + title + "</title>"); 
       out.println("</head>"); 
       getBody(request, response, out); 
       loggedIn(request, response, out); 
       out.println("</body>"); 
       out.println("</html>"); 
      } 
      else 
      { 
       out.println("<html>"); 
       out.println("<head>"); 

       out.println("<title>" + title + "</title>"); 
       out.println("</head>"); 
       getBody(request, response, out); 
       notLoggedIn(request, response, out); 
       out.println("</body>"); 
       out.println("</html>"); 
      } 
      out.close(); 
     } 

    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException 
    { 
     response.setContentType("text/html"); 

     PrintWriter out = response.getWriter(); 
     out.println("<html>"); 
     out.println("<head>"); 
     //... 
     out.println("<title>" + title + "</title>"); 
     out.println("</head>"); 
     getBody(request, response, out); 
     HttpSession session=request.getSession(false); 
     if(session == null) 
     { 
      //loads the login form 
      notLoggedIn(request, response, out); 
     } 
     else 
     { 
      //loads the member area 
      loggedIn(request, response, out); 
     } 
     out.println("</body>"); 
     out.println("</html>"); 
    } 

    public void getBody(HttpServletRequest request, HttpServletResponse response, PrintWriter out) 
    { 
     out.println("<body ...>"); 
     //... 
    } 

    public void notLoggedIn(HttpServletRequest request, HttpServletResponse response, PrintWriter out) 
    { 
     out.println("<form action='Login' method='post'>"); 
      out.println("<input type='text' name='username' placeholder='Benutzername' value='' required/>"); 
      out.println("<input type='password' name='password' placeholder='Passwort' value='' required/>"); 
      out.println("<input type='submit' value='Login'/>"); 
     out.println("</form>"); 
    } 

    public void loggedIn(HttpServletRequest request, HttpServletResponse response, PrintWriter out) 
    { 
     out.println("<form action='Logout' method='get'>"); 
      out.println("<ul id='links'>"); 
       out.println("<li><a href='http://www.vipcom/FileSystem'>FileSystem</a></li>"); 
       out.println("<li><a href='http://www.VIP.com/member2'>Member Area2 Jonah</a></li>"); 
     out.println("</ul>"); 
      out.println("<input type='submit' value='Logoff'/>"); 
     out.println("</form>"); 
    } 
} 

Answer 1

我懷疑它是如何工作的IE瀏覽器，因爲你創建新的會話爲每個新請求。你應該保持/使用以前的會話對象，如果你不想刪除會話對象如下：

//replace the below code 
HttpSession session=request.getSession();//every time new session is created. 
// with this code at first line of doPost method so that the session will be accessible to your entire method as below: 
HttpSession session =null; 
if(request.getSession().isNew()){ 
     session= request.getSession();//new session 
}else{ 
     session= request.getSession(false);//current session 
} 

而且，你必須從if(password.equals("123") && username.equals("name")) {//here