zoukankan      html  css  js  c++  java

  • Session的有效期设置

    方式一:
     在web.xml中设置session-config如下:
     <session-config>
      <session-timeout>2</session-timeout>
     </session-config>

    即客户端连续两次与服务器交互间隔时间最长为2分钟,2分钟后session.getAttribute()获取的值为空

     API信息:
      session.getCreationTime()   获取session的创建时间
      session.getLastAccessedTime()  获取上次与服务器交互时间
      session.getMaxInactiveInterval() 获取session最大的不活动的间隔时间,以秒为单位120秒。

    <!-- 登录状态过滤,可以过滤掉不需要进行超时验证的url -->
    <filter>
    <filter-name>loginFilter</filter-name>
    <filter-class>com.software.filter.LoginFilter</filter-class>
    </filter>
    <filter-mapping>
    <filter-name>loginFilter</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!---以上代码指明具体的路径,具体的代码见附录>

    方式二:
     在Tomcat的/conf/web.xml中session-config,默认值为:30分钟
     <session-config>
            <session-timeout>30</session-timeout>
        </session-config>

    方式三:
     在Servlet中设置
      HttpSession session = request.getSession();
      session.setMaxInactiveInterval(60);//单位为秒

    说明:
     1.优先级:Servlet中API设置 > 程序/web.xml设置 > Tomcat/conf/web.xml设置
     2.若访问服务器session超时(本次访问与上次访问时间间隔大于session最大的不活动的间隔时间)了,即上次会话结束,但服务器与客户端会产生一个新的会话,之前的session里的属性值全部丢失,产生新的sesssionId
     3.客户端与服务器一次有效会话(session没有超时),每次访问sessionId相同,若代码中设置了session.setMaxInactiveInterval()值,那么这个session的最大不活动间隔时间将被修改,并被应用为新值。
     4.Session的销毁(代表会话周期的结束):在某个请求周期内调用了Session.invalidate()方法,此请求周期结束后,session被销毁;或者是session超时后自动销毁;或者客户端关掉浏览器
     5.对于JSP,如果指定了<%@ page session="false"%>,则在JSP中无法直接访问内置的session变量,同时也不会主动创建session,因为此时JSP未自动执行request.getSession()操作获取session。

    附录:

    package com.software.filter;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashSet;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.software.pojo.LoginInfo;
import com.software.util.AjaxResultHelper;

public class LoginFilter implements Filter {
    
    String [] noFilter = {"/collect/collectSensorData","/user/registerpage","/user/register","/user/checklogin","/system/login","/system/registerpage","/breedingLog/loadImages",
            "/expert/expertList","/expert/getNewQuestionsByPage","/expert/getHostQuestionsByPage","/product/productList","/product/productDetail","/product/feedList","/product/feedDetail",
            "/product/drugList","/product/drugDetail","/product/seedList","/product/seedDetail","/product/commonList","/product/commonDetail","/user/userInfo","/user/getDealtAnswer",
            "/user/getWaitReply"};
    private Set<String> noFilterSet = new HashSet<String>();
    private Logger log = Logger.getLogger(LoginFilter.class);
    @Override
    public void destroy() {
        

    }

    @Override
    public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) arg0;
        HttpServletResponse response = (HttpServletResponse) arg1;
        String nofilterpage = request.getServletPath();
        //log.info("nofilterpage:"+nofilterpage);
        if(noFilterSet.contains(nofilterpage) || nofilterpage.startsWith("/res") || nofilterpage.equals("/index.jsp")){//放行
        //放行
            //log.info("nofilterpage:"+nofilterpage);
            arg2.doFilter(request, response);
        }else{    
            LoginInfo loginInfo =(LoginInfo) request.getSession().getAttribute("loginInfo");
            if(null == loginInfo ){
                
                JSONObject responseJSONObject = (JSONObject)JSON.toJSON(AjaxResultHelper.getErrorRes(0,"未登录",null,0));
                PrintWriter out = null;
                response.setCharacterEncoding("UTF-8");
                try {  
                    out = response.getWriter();  
                    out.append(responseJSONObject.toString());   
                } catch (IOException e) {  
                    e.printStackTrace();  
                } finally {  
                    if (out != null) {  
                        out.close();  
                    }  
                }  
//                String path =  request.getContextPath();
//                String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path;
//                response.sendRedirect(basePath + "/system/login");
//                response.sendRedirect(basePath + "/system/overtime");
            }else{
                AjaxResultHelper.getSuccessRes();
                arg2.doFilter(request, response);
            }
        }

    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
        for(String s:noFilter){
            noFilterSet.add(s);
        }

    }

}
  • 相关阅读:
    Python(一)-基础不牢,地动山摇
    微信公众号开启企业付款到用户
    CSS多行显示省略号
    angular service自定义返回
    CSS input radio和checkbox样式
    angular微信支付url未注册
    angular+ionic的兼容性问题
    js 字符串和16进制的互相转换
    js循环变量赋值
    CSS 两层实现垂直居中(外层固定宽高,内层文本不定行数)
  • 原文地址:https://www.cnblogs.com/george93/p/7562199.html
Copyright © 2011-2022 走看看