I want to change the session ID without invalidating the session after every request to the server and preserve all the session variable without invalidating it. As i am using single login to restrict the user from multiple login by changing a flag is_login to true at session creation and to false when session is destroyed with the help of session listener. and after every request i am invalidating the session for generation of new session ID. can i change the session without invalidating it in JAVA.
答案 0 :(得分:3)
从Java EE 7和Servlet API 3.1(Tomcat 8)开始,您可以使用HttpServletRequest.changeSessionId()来实现此类行为。
还有一个侦听器HttpSessionIdListener,每次更改后都会调用它。