请教关于session的问题.
现有一个过滤器和两个webservice, 一个webservice用于登录,另一个用于取得图书信息。当登录成功后,往session中写入用户名,
这样当访问图书信息的webservice时,如果在过滤器中发现用户名为空时,则提示还没登录.
现在的问题是, 登录时往session中写了用户名, 但当访问图书信息webserice时,在过滤器中发现用户名为空,而且sessionID也是新的.
具体如下:
过滤器:
public class bookFilter implements Filter
{
public void init(FilterConfig filterConfig) throws ServletException
{
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException
{
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession();
String userName = (String)session.getServletContext().getAttribute("userName");
if(req.getRequestURI().contains("booksdir/books") && userName == null)
{
System.out.println("请先登录");
return;
}
//...
chain.doFilter(request, response);
}
public void destroy()
{
}
}
有下面两个webservice:
1.登录的webservice
@Path("login")
public class LoginService {
@GET
@Path("login")
public boolean login(@Context HttpServletResponse response, @Context HttpServletRequest request) throws Exception
{
String username = request.getParameter("username");
String password = request.getParameter("password");
//...
HttpSession session = request.getSession();
session.setAttribute("userName", username);
//...
return true;
}
}
2. 获取图书信息的webservice:
@Produces("application/xml")
@Path("books")
public class Books
{
@GET
public List<book> getbooks(@Context HttpServletRequest request) {
List<book> books = new ArrayList<book>();
//...
return books;
}
}
现在用如下的方式调用LoginService,即登录 (LoginService会把参数username存到session中,见如上代码):
http://localhost:8080/booksdir/login/login?username=liming&password=88888
接着访问如下的URL:
http://localhost:8080/booksdir/books
但发现过滤器中的userName为空:
String userName = (String)session.getServletContext().getAttribute("userName");
请问是怎么回事?
这样当访问图书信息的webservice时,如果在过滤器中发现用户名为空时,则提示还没登录.
现在的问题是, 登录时往session中写了用户名, 但当访问图书信息webserice时,在过滤器中发现用户名为空,而且sessionID也是新的.
具体如下:
过滤器:
public class bookFilter implements Filter
{
public void init(FilterConfig filterConfig) throws ServletException
{
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException
{
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession();
String userName = (String)session.getServletContext().getAttribute("userName");
if(req.getRequestURI().contains("booksdir/books") && userName == null)
{
System.out.println("请先登录");
return;
}
//...
chain.doFilter(request, response);
}
public void destroy()
{
}
}
有下面两个webservice:
1.登录的webservice
@Path("login")
public class LoginService {
@GET
@Path("login")
public boolean login(@Context HttpServletResponse response, @Context HttpServletRequest request) throws Exception
{
String username = request.getParameter("username");
String password = request.getParameter("password");
//...
HttpSession session = request.getSession();
session.setAttribute("userName", username);
//...
return true;
}
}
2. 获取图书信息的webservice:
@Produces("application/xml")
@Path("books")
public class Books
{
@GET
public List<book> getbooks(@Context HttpServletRequest request) {
List<book> books = new ArrayList<book>();
//...
return books;
}
}
现在用如下的方式调用LoginService,即登录 (LoginService会把参数username存到session中,见如上代码):
http://localhost:8080/booksdir/login/login?username=liming&password=88888
接着访问如下的URL:
http://localhost:8080/booksdir/books
但发现过滤器中的userName为空:
String userName = (String)session.getServletContext().getAttribute("userName");
请问是怎么回事?
作者: hzdzd 发布时间: 2011-06-13
String userName = (String)session.getServletContext().getAttribute("userName");
你这个的session 是HttpSession么? 信息放在session里了为什么还要session.getServletContext() 直接session.getAttribute("userName");
你这个的session 是HttpSession么? 信息放在session里了为什么还要session.getServletContext() 直接session.getAttribute("userName");
作者: xue_feitian 发布时间: 2011-06-13