1. 首頁
  2. 問答
  3. 爲什麼在瀏覽器關閉後會話不能清除?

爲什麼在瀏覽器關閉後會話不能清除?

2017-06-28 127 views
0

我一直得到如下輸出:爲什麼在瀏覽器關閉後會話不能清除?

Inside AuthenticationFilter.. 
Inside Session!

爲什麼會沒有得到清除瀏覽器關閉後?我甚至在index.jsp裏也找到了頁面session=false,但仍然無法正常工作..請有人看看下面的代碼,並幫助我在瀏覽器窗口關閉後清除會話。

下面是代碼:

的index.jsp

<%@ page session="false" %> 
<% 

/* ServletContext context= getServletContext(); 
RequestDispatcher rd= context.getRequestDispatcher("/login"); 
rd.forward(request, response); */ 

response.sendRedirect("login"); 

%>

loginServlet

import java.io.IOException; 
import java.io.PrintWriter; 

import javax.servlet.RequestDispatcher; 
import javax.servlet.ServletException; 
import javax.servlet.annotation.WebServlet; 
import javax.servlet.http.HttpServlet; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import javax.servlet.http.HttpSession; 

/** 
* Login servlet. 
*/ 

@WebServlet("/login") 
public final class LoginServlet extends HttpServlet { 

    private HttpSession session = null; 
    private RequestDispatcher rd = null; 

    /** 
    * Respond to a GET request for the content produced by 
    * this servlet. 
    * 
    * @param request The servlet request we are processing 
    * @param response The servlet response we are producing 
    * 
    * @exception IOException if an input/output error occurs 
    * @exception ServletException if a servlet error occurs 
    */ 
    @Override 
    public void doGet(HttpServletRequest request, 
         HttpServletResponse response) 
     throws IOException, ServletException { 

     System.out.println("Inside Login Servlet..."); 

     PrintWriter out = response.getWriter(); 
     out.print("<h3> This is login servlet poage ... </h3>"); 

    } 
}

AuthenticationServlet

import java.io.IOException; 

import javax.servlet.Filter; 
import javax.servlet.FilterChain; 
import javax.servlet.FilterConfig; 
import javax.servlet.ServletException; 
import javax.servlet.ServletRequest; 
import javax.servlet.ServletResponse; 
import javax.servlet.annotation.WebFilter; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import javax.servlet.http.HttpSession; 


@WebFilter("/*") 
public class AuthenticationFilter implements Filter{ 

    private HttpSession session = null; 

    public void init(FilterConfig arg0) throws ServletException {} 

    public void doFilter(ServletRequest req, ServletResponse resp, 
     FilterChain chain) throws IOException, ServletException { 

     System.out.println("Inside AuthenticationFilter.."); 

     HttpServletRequest request = (HttpServletRequest) req; 
     HttpServletResponse response = (HttpServletResponse)resp; 

     session = request.getSession(false); 
     if(session != null && !session.isNew()) { 
      System.out.println("Inside Session!"); 
     } else { 
      getAccessToken(request, response, chain); 
      chain.doFilter(request, response); 
     } 

    } 

    public void destroy() {} 

    private void getAccessToken(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException { 

     session = request.getSession(); 
     System.out.println("Created new Session!"); 
    } 

}

來源

2017-06-28 Hari

+0

任何人都可以請在上述問題上給我建議。 – Hari

回答

0

瀏覽器無法「清除」會話變量。他們沒有直接訪問$ _SESSION的權限。他們可以清除會話ID cookie,給他們一個全新的空會話,或者您的服務器端代碼必須清空$ _SESSION

來源

2017-06-28 16:24:45 Sharma

+0

但窗口關閉後會話cookie必須清除,對嗎? – Hari

0

會話超時在web.xml中指定。即使關閉瀏覽器,會話仍然存在。 如果你真的需要結束它讓你使用JavaScript onbeforeunload方法的請求,並調用

session.invalidate();

來源

2017-06-28 16:26:08 sebasm

0

當關閉瀏覽器服務器端,您無法檢測。要做到這一點,你必須編寫一些javascript來檢測瀏覽器關閉,然後向服務器發出請求,以使該用戶的會話無效。session.invalidate()

來源

2017-06-28 16:26:25

0

此代碼將在5分鐘後使會話失效。

session.setMaxInactiveInterval(300); // 300 seconds

沒有服務器端解決方案來檢測瀏覽器的事件。

如果您仍然需要檢測瀏覽器關閉,請參閱this用於客戶端解決方案的線程。

來源

2017-06-28 19:41:32

相關問題

 相關問題