会话失效后，它仍然活着，为什么？

Question

考虑的servlet：

package controller; 

import java.io.IOException; 

import javax.servlet.ServletException; 
import javax.servlet.annotation.WebServlet; 
import javax.servlet.http.HttpServlet; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import javax.servlet.http.HttpSession; 

/** 
* Servlet implementation class LogoutServlet 
*/ 
@WebServlet("/loggingOut") 
public class LogoutServlet extends HttpServlet { 
    private static final long serialVersionUID = 1L; 

    protected void doGet(HttpServletRequest request, HttpServletResponse response) 
      throws ServletException, IOException 
    { 
     // Get the session 
     HttpSession session = request.getSession(false); 

     if(session != null){ 
      System.out.println("Here ..."); 
      session.invalidate(); 
      // forwards to the page logout.jsp 
      request.getRequestDispatcher("/WEB-INF/results/logoutResult.jsp").forward(request, response); 
      // response.sendRedirect("./WEB-INF/results/logoutResult.jsp"); 

     } 

     else 
     { 
      System.out.println("There ..."); 
      // response.sendRedirect("error404.jsp"); 
      request.getRequestDispatcher("./WEB-INF/results/error404.jsp").forward(request, response); 
     } 


    } 

} 

后，我无效了会议，并移动到logoutResult.jsp，如果我再次达到上述然后servlet会话仍然“活着”，我不达到error404.jsp代码，即：

else 
{ 
    System.out.println("There ..."); 
    // response.sendRedirect("error404.jsp"); 
    request.getRequestDispatcher("./WEB-INF/results/error404.jsp").forward(request, response); 
} 

我该如何解决？

非常感谢

Answer 1

基本上，if(session != null){没什么意思在这里。你应该阅读从会话属性，检查其是否为空：

String username = (String)session.getAttribute("username"); 
    if(username!=null) 
    { 
     //user is logged in 
    } 
    else 
    { 
    //user is not logged in 
    } 

Answer 2

因为每次访问JSP都会创建一个新会话。要禁用此属性将这个指令：

<%@ page session="false" %>