本文详细阐述了在Servlet中检查session是否为空的方法,并在session存在时执行请求处理操作,否则将用户重定向至登录页面。同时介绍了session失效时的清理操作及异常处理机制。
//In every servlet, check whether Session is null or not. If session is not null then only do the request processing else redirect to login page.
HttpSession session = request.getSession();
if(Session !=null)
{
try
{
// acutal servlet actions
}else
{
// redirect to login page
}
//Also it would be good if you add null check for session in your above code.
HttpSession session = request.getSession();
if(session !=null)
try
{
session.removeAttribute("logonData");//logonData,such as user and so on
session.invalidate();
// redirect tologin page
catch (Exception sqle)
{
// ...
}
}else
{
//session already null/ expired
}
ps: below is something from session api
void invalidate()
Invalidates this session then unbinds any objects bound to it.
Throws:
IllegalStateException - if this method is called on an already invalidated session
void removeAttribute(String name)
Removes the object bound with the specified name from this session. If the session does not have an object bound with the specified name, this method does nothing.
After this method executes, and if the object implements HttpSessionBindingListener, the container calls HttpSessionBindingListener.valueUnbound. The container then notifies any HttpSessionAttributeListeners in the web application.
Parameters:
name - the name of the object to remove from this session
Throws:
IllegalStateException - if this method is called on an invalidated session
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
