81,095
社区成员
发帖
与我相关
我的任务
分享
//web-config
……
<!-- session超时设置,单位为分钟 -->
<session-config>
<session-timeout>1</session-timeout>
</session-config>
//登录方法:
public String loginAct(){
/**
* 查询数据,……
*/
//添加session
HttpServletRequest req=ServletActionContext.getRequest();
HttpServletResponse rsp=ServletActionContext.getResponse();
HttpSession session=req.getSession();
session.setAttribute("no","test");//值来自于查询后的数据
Cookie c;
c=new Cookie("no","test");//值来自于查询后的数据,保存帐号,下次不输入帐号,最多需要输入密码
c.setMaxAge(365*24*60*60);
c.setPath("/");
rsp.addCookie(c);
//判断是否需要添加cookie
if(rmb.equals("true")){//值来自于struts的action
c=new Cookie("pwd","test");//值来自于查询后的数据
c.setMaxAge(365*24*60*60);
c.setPath("/");
rsp.addCookie(c);
}
else{//否则删除cookie
Cookie[] cs=ServletActionContext.getRequest().getCookies();
if(cs!=null){
for(Cookie c:cs){
if(c.getName().equals("pwd")){
c.setMaxAge(0);
c.setPath("/");
rsp.addCookie(c);
}
}
}
}
……
}
//通过cookie登录的方法
public String loginByCookie(){
/**
* 查询数据,……
*/
//添加session
HttpServletRequest req=ServletActionContext.getRequest();
HttpSession session=req.getSession();
session.setAttribute("no","test");//值来自于查询后的数据
//不需要再次设置cookie
……
}
//安全退出的方法
public String logout(){
//清空session
delSession();
//删除cookies
delCookies();
……
}
//每个查询数据的方法都判断是否超时
protected boolean isLogout(){
HttpSession session=ServletActionContext.getRequest().getSession();
if(session==null||session.getAttribute("no")==null){
session=null;
result="logout";
return true;
}
else{
session=null;
return false;
}
}
o.s.o.h.s.OpenSessionInViewFilter - Using SessionFactory 'sessionFactory' for OpenSessionInViewFilter
o.s.b.f.s.DefaultListableBeanFactory - Returning cached instance of singleton bean 'sessionFactory'
o.s.o.h.s.OpenSessionInViewFilter - Opening single Hibernate Session in OpenSessionInViewFilter
o.s.o.hibernate3.SessionFactoryUtils - Opening Hibernate Session
org.hibernate.impl.SessionImpl - opened session at timestamp: 5430564887359488
o.s.o.h.s.OpenSessionInViewFilter - Closing single Hibernate Session in OpenSessionInViewFilter
o.s.o.hibernate3.SessionFactoryUtils - Closing Hibernate Session
private void delSession(){
HttpServletRequest req=ServletActionContext.getRequest();
HttpSession session=req.getSession();
if(session!=null){
if(session.getAttribute("JasperPrintList")!=null){
try{
List ujps=(List)session.getAttribute("JasperPrintList");
ujps.clear();
}
catch(Exception ex){}
session.removeAttribute("JasperPrintList");
}
session.removeAttribute("userNo");
session.removeAttribute("userDeptNo");
session.removeAttribute("userName");
session.invalidate();
}
}
private void delSession(){
HttpServletRequest req=ServletActionContext.getRequest();
HttpSession session=req.getSession();
if(session!=null){
if(session.getAttribute("JasperPrintList")!=null){
try{
List ujps=(List)session.getAttribute("JasperPrintList");
ujps.clear();
}
catch(Exception ex){}
session.removeAttribute("JasperPrintList");
}
session.removeAttribute("userNo");
session.removeAttribute("userDeptNo");
session.removeAttribute("userName");
session.setMaxInactiveInterval(0);//这个加不加暂时没发现有影响
}
}