1. 首页
  2. 问答
  3. 为什么在浏览器关闭后会话不能清除?

为什么在浏览器关闭后会话不能清除?

2017-06-28 126 views
0

我一直得到如下输出:为什么在浏览器关闭后会话不能清除?

Inside AuthenticationFilter.. 
Inside Session!

为什么会没有得到清除浏览器关闭后?我甚至在index.jsp里也找到了页面session=false,但仍然无法正常工作..请有人看看下面的代码,并帮助我在浏览器窗口关闭后清除会话。

下面是代码:

的index.jsp

<%@ page session="false" %> 
<% 

/* ServletContext context= getServletContext(); 
RequestDispatcher rd= context.getRequestDispatcher("/login"); 
rd.forward(request, response); */ 

response.sendRedirect("login"); 

%>

loginServlet

import java.io.IOException; 
import java.io.PrintWriter; 

import javax.servlet.RequestDispatcher; 
import javax.servlet.ServletException; 
import javax.servlet.annotation.WebServlet; 
import javax.servlet.http.HttpServlet; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import javax.servlet.http.HttpSession; 

/** 
* Login servlet. 
*/ 

@WebServlet("/login") 
public final class LoginServlet extends HttpServlet { 

    private HttpSession session = null; 
    private RequestDispatcher rd = null; 

    /** 
    * Respond to a GET request for the content produced by 
    * this servlet. 
    * 
    * @param request The servlet request we are processing 
    * @param response The servlet response we are producing 
    * 
    * @exception IOException if an input/output error occurs 
    * @exception ServletException if a servlet error occurs 
    */ 
    @Override 
    public void doGet(HttpServletRequest request, 
         HttpServletResponse response) 
     throws IOException, ServletException { 

     System.out.println("Inside Login Servlet..."); 

     PrintWriter out = response.getWriter(); 
     out.print("<h3> This is login servlet poage ... </h3>"); 

    } 
}

AuthenticationServlet

import java.io.IOException; 

import javax.servlet.Filter; 
import javax.servlet.FilterChain; 
import javax.servlet.FilterConfig; 
import javax.servlet.ServletException; 
import javax.servlet.ServletRequest; 
import javax.servlet.ServletResponse; 
import javax.servlet.annotation.WebFilter; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import javax.servlet.http.HttpSession; 


@WebFilter("/*") 
public class AuthenticationFilter implements Filter{ 

    private HttpSession session = null; 

    public void init(FilterConfig arg0) throws ServletException {} 

    public void doFilter(ServletRequest req, ServletResponse resp, 
     FilterChain chain) throws IOException, ServletException { 

     System.out.println("Inside AuthenticationFilter.."); 

     HttpServletRequest request = (HttpServletRequest) req; 
     HttpServletResponse response = (HttpServletResponse)resp; 

     session = request.getSession(false); 
     if(session != null && !session.isNew()) { 
      System.out.println("Inside Session!"); 
     } else { 
      getAccessToken(request, response, chain); 
      chain.doFilter(request, response); 
     } 

    } 

    public void destroy() {} 

    private void getAccessToken(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException { 

     session = request.getSession(); 
     System.out.println("Created new Session!"); 
    } 

}

来源

2017-06-28 Hari

+0

任何人都可以请在上述问题上给我建议。 – Hari

回答

0

浏览器无法“清除”会话变量。他们没有直接访问$ _SESSION的权限。他们可以清除会话ID cookie,给他们一个全新的空会话,或者您的服务器端代码必须清空$ _SESSION

来源

2017-06-28 16:24:45 Sharma

+0

但窗口关闭后会话cookie必须清除,对吗? – Hari

0

会话超时在web.xml中指定。即使关闭浏览器,会话仍然存在。 如果你真的需要结束它让你使用JavaScript onbeforeunload方法的请求,并调用

session.invalidate();

来源

2017-06-28 16:26:08 sebasm

0

当关闭浏览器服务器端,您无法检测。要做到这一点,你必须编写一些javascript来检测浏览器关闭,然后向服务器发出请求,以使该用户的会话无效。session.invalidate()

来源

2017-06-28 16:26:25

0

此代码将在5分钟后使会话失效。

session.setMaxInactiveInterval(300); // 300 seconds

没有服务器端解决方案来检测浏览器的事件。

如果您仍然需要检测浏览器关闭,请参阅this用于客户端解决方案的线程。

来源

2017-06-28 19:41:32

相关问题

 相关问题