在Firefox中立即删除Servlet会话

Question

我目前使用登录表单创建一个servlet。 当我将我的凭证输入到表单中并按下登录按钮时，我会将其转发给仅限会员的页面，但如果我重新加载页面，我将不再登录。如果我第二次重复登录过程，我会保持登录状态，并可以自由地留在会员区，直到我自愿退出。

这只发生在Firefox和Chrome中，这个问题在IE中并没有发生。

这里是我的登陆类：

public class Login extends HttpServlet 
    { 
    private String title; 

    public void init() throws ServletException 
    { 
     title = "Login"; 
    } 

    protected void doPost(HttpServletRequest request, HttpServletResponse response) 
         throws ServletException, IOException { 
      response.setContentType("text/html"); 
      PrintWriter out=response.getWriter(); 

      String username=request.getParameter("username"); 
      String password=request.getParameter("password"); 

      if(password.equals("123") && username.equals("name")) 
      { 
       HttpSession session=request.getSession(); 
       session.setAttribute("name", username); 
       loginName = (String) session.getAttribute("name"); 
       out.println("<html>"); 
       out.println("<head>"); 
       //... 
       out.println("<title>" + title + "</title>"); 
       out.println("</head>"); 
       getBody(request, response, out); 
       loggedIn(request, response, out); 
       out.println("</body>"); 
       out.println("</html>"); 
      } 
      else 
      { 
       out.println("<html>"); 
       out.println("<head>"); 

       out.println("<title>" + title + "</title>"); 
       out.println("</head>"); 
       getBody(request, response, out); 
       notLoggedIn(request, response, out); 
       out.println("</body>"); 
       out.println("</html>"); 
      } 
      out.close(); 
     } 

    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException 
    { 
     response.setContentType("text/html"); 

     PrintWriter out = response.getWriter(); 
     out.println("<html>"); 
     out.println("<head>"); 
     //... 
     out.println("<title>" + title + "</title>"); 
     out.println("</head>"); 
     getBody(request, response, out); 
     HttpSession session=request.getSession(false); 
     if(session == null) 
     { 
      //loads the login form 
      notLoggedIn(request, response, out); 
     } 
     else 
     { 
      //loads the member area 
      loggedIn(request, response, out); 
     } 
     out.println("</body>"); 
     out.println("</html>"); 
    } 

    public void getBody(HttpServletRequest request, HttpServletResponse response, PrintWriter out) 
    { 
     out.println("<body ...>"); 
     //... 
    } 

    public void notLoggedIn(HttpServletRequest request, HttpServletResponse response, PrintWriter out) 
    { 
     out.println("<form action='Login' method='post'>"); 
      out.println("<input type='text' name='username' placeholder='Benutzername' value='' required/>"); 
      out.println("<input type='password' name='password' placeholder='Passwort' value='' required/>"); 
      out.println("<input type='submit' value='Login'/>"); 
     out.println("</form>"); 
    } 

    public void loggedIn(HttpServletRequest request, HttpServletResponse response, PrintWriter out) 
    { 
     out.println("<form action='Logout' method='get'>"); 
      out.println("<ul id='links'>"); 
       out.println("<li><a href='http://www.vipcom/FileSystem'>FileSystem</a></li>"); 
       out.println("<li><a href='http://www.VIP.com/member2'>Member Area2 Jonah</a></li>"); 
     out.println("</ul>"); 
      out.println("<input type='submit' value='Logoff'/>"); 
     out.println("</form>"); 
    } 
} 

Answer 1

我怀疑它是如何工作的IE浏览器，因为你创建新的会话为每个新请求。你应该保持/使用以前的会话对象，如果你不想删除会话对象如下：

//replace the below code 
HttpSession session=request.getSession();//every time new session is created. 
// with this code at first line of doPost method so that the session will be accessible to your entire method as below: 
HttpSession session =null; 
if(request.getSession().isNew()){ 
     session= request.getSession();//new session 
}else{ 
     session= request.getSession(false);//current session 
} 

而且，你必须从if(password.equals("123") && username.equals("name")) {//here