HTTP Status 500 - Cannot create a session after the response has been committed

alleni123 2013-02-03 12:56:46

我想通过filter获取session的值来让用户不随意登入网页，

但是当我打开不存在的页面的时候，就会出现这个错误，
下面是我的代码

filter.java

	public void doFilter(ServletRequest req, ServletResponse res,

			FilterChain chain) throws IOException, ServletException

	{

		// TODO Auto-generated method stub

		System.out.println("before filter");

		

		req.setCharacterEncoding("utf-8");

		

		chain.doFilter(req, res);

	 

	

		req=(HttpServletRequest)req;

		HttpServletRequest request= (HttpServletRequest)req;

		

		HttpSession hs=request.getSession();

		

		Object obj_username= hs.getAttribute("username");

		System.out.println("username="+obj_username);

		System.out.println("requestURI"+request.getRequestURI());

		String reqURI=request.getRequestURI();

		if(obj_username==null&&!reqURI.equals("/ajax1.3/filter/login.jsp")&&!reqURI.equals("/ajax1.3/login.do")){

			//String username=(String)obj_username;

			System.out.println("非法登入");

			req.getRequestDispatcher("/filter/login.jsp");

			 

		}

	 

		 

		

		//req.getRequestDispatcher("filter/filter1.jsp").forward(req, res);

	}

...全文

239 6 打赏收藏转发到动态举报

写回复

用AI写文章

6 条回复

切换为时间正序

请发表友善的回复…

发表回复

chengxu2011 2013-02-05

打赏
举报

你不加return 你把chain.doFilter(req, res); 去掉试试看报错么

花谢尊前不敢香 2013-02-05

打赏
举报

安全，你可以看下api，经验之谈。

alleni123 2013-02-04

打赏
举报

能不能给我讲解一下啊，为什么这里加个return就不报错了，

alleni123 2013-02-03

打赏
举报


<filter>
  	<filter-name>CharEncodingFilter</filter-name>
  	<filter-class>com.filter.CharEncodingFilter</filter-class>
  </filter>
  <filter-mapping>
  	<filter-name>CharEncodingFilter</filter-name>
  	<url-pattern>/*</url-pattern>
  </filter-mapping>

zhege?

iLemon 2013-02-03

打赏
举报

Filter的配置贴上来啊

花谢尊前不敢香 2013-02-03

打赏
举报


public void doFilter(ServletRequest req, ServletResponse res,
        FilterChain chain) throws IOException, ServletException
{
    // TODO Auto-generated method stub
    System.out.println("before filter");
     
    req.setCharacterEncoding("utf-8");
     
    chain.doFilter(req, res);
  
 
    req=(HttpServletRequest)req;
    HttpServletRequest request= (HttpServletRequest)req;
     
    HttpSession hs=request.getSession();
     
    Object obj_username= hs.getAttribute("username");
    System.out.println("username="+obj_username);
    System.out.println("requestURI"+request.getRequestURI());
    String reqURI=request.getRequestURI();
    if(obj_username==null&&!reqURI.equals("/ajax1.3/filter/login.jsp")&&!reqURI.equals("/ajax1.3/login.do")){
        //String username=(String)obj_username;
        System.out.println("非法登入");
        req.getRequestDispatcher("/filter/login.jsp");
        return;
          
    }
  
      
     
    //req.getRequestDispatcher("filter/filter1.jsp").forward(req, res);
}

Returns a boolean indicating whether the named response header has already been set. contextDestroyed(ServletContextEvent) - Method in interface javax.servlet.ServletContextListener Notification ...