我目前正在使用登录表单创建一个servlet。 当我在表单中输入我的凭据并按下登录按钮时,我会转发到仅限会员的页面,但如果我重新加载页面,我将不再登录。如果我第二次重复登录过程,我将保持登录状态,并且可以自由地留在会员区,直到我自愿退出。
这只发生在Firefox和Chrome中,这个问题在我的IE中没有出现。
这是我的登录类:
public class Login extends HttpServlet
{
private String title;
public void init() throws ServletException
{
title = "Login";
}
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out=response.getWriter();
String username=request.getParameter("username");
String password=request.getParameter("password");
if(password.equals("123") && username.equals("name"))
{
HttpSession session=request.getSession();
session.setAttribute("name", username);
loginName = (String) session.getAttribute( "name" );
out.println("<html>");
out.println("<head>");
//...
out.println("<title>" + title + "</title>");
out.println("</head>");
getBody(request, response, out);
loggedIn(request, response, out);
out.println("</body>");
out.println("</html>");
}
else
{
out.println("<html>");
out.println("<head>");
out.println("<title>" + title + "</title>");
out.println("</head>");
getBody(request, response, out);
notLoggedIn(request, response, out);
out.println("</body>");
out.println("</html>");
}
out.close();
}
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<html>");
out.println("<head>");
//...
out.println("<title>" + title + "</title>");
out.println("</head>");
getBody(request, response, out);
HttpSession session=request.getSession(false);
if(session == null)
{
//loads the login form
notLoggedIn(request, response, out);
}
else
{
//loads the member area
loggedIn(request, response, out);
}
out.println("</body>");
out.println("</html>");
}
public void getBody(HttpServletRequest request, HttpServletResponse response, PrintWriter out)
{
out.println("<body ...>");
//...
}
public void notLoggedIn(HttpServletRequest request, HttpServletResponse response, PrintWriter out)
{
out.println("<form action='Login' method='post'>");
out.println("<input type='text' name='username' placeholder='Benutzername' value='' required/>");
out.println("<input type='password' name='password' placeholder='Passwort' value='' required/>");
out.println("<input type='submit' value='Login'/>");
out.println("</form>");
}
public void loggedIn(HttpServletRequest request, HttpServletResponse response, PrintWriter out)
{
out.println("<form action='Logout' method='get'>");
out.println("<ul id='links'>");
out.println("<li><a href='http://www.vipcom/FileSystem'>FileSystem</a></li>");
out.println("<li><a href='http://www.VIP.com/member2'>Member Area2 Jonah</a></li>");
out.println("</ul>");
out.println("<input type='submit' value='Logoff'/>");
out.println("</form>");
}
}
答案 0 :(得分:0)
我怀疑它在IE中是如何工作的,因为对于每个新请求,您都在创建新会话。如果您不想删除会话对象,则应保留/使用上一个会话对象,如下所示:
//replace the below code
HttpSession session=request.getSession();//every time new session is created.
// with this code at first line of doPost method so that the session will be accessible to your entire method as below:
HttpSession session =null;
if(request.getSession().isNew()){
session= request.getSession();//new session
}else{
session= request.getSession(false);//current session
}
而且,您必须从HttpSession session=request.getSession();
if(password.equals("123") && username.equals("name"))
{//here