Servlet-Session

package com.pas.session;


import java.io.IOException;
import java.io.PrintWriter;


import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


public class SessionTest extends HttpServlet {




 public void doGet(HttpServletRequest request, HttpServletResponse response)
 throws ServletException, IOException {


 this.doPost(request, response);
 }


 
 public void doPost(HttpServletRequest request, HttpServletResponse response)
 throws ServletException, IOException {


 response.setContentType("text/html;charset=gb2312");
 PrintWriter out = response.getWriter();


 HttpSession sss = request.getSession();
 sss.setAttribute("uname", "uname");
 sss.setAttribute("pas", "pas");
 
 // 設置週期時間 秒 默認30分鐘
 /*
 * 一個地方是：tomcat/conf/web.xml <session-config>
 * <session-timeout>30</session-timeout> </session-config> 對全部的web應用生效。
 * 第二個地方是：在單個web應用下的web.xml文件下添加或修改ession-config <session-config>
 * <session-timeout>10</session-timeout> </session-config> 只對本web應用生效
 * 若是兩個配置文件衝突，就以單個web應用的配置爲準。
 */
 sss.setMaxInactiveInterval(3600);
 sss.removeAttribute("uname");
 //remove後輸出null
 //輸出uname=true,pas=pas 
 
 out.println("uname=" + (sss.getAttribute("uname")==null) + ",pas="
 + sss.getAttribute("pas"));
 
 //終結全部Session對象
 sss.invalidate();
 //用戶權限判斷
 HttpSession s=request.getSession(true);
 if(s.isNew())
 {
 out.println("非法登陸");
 }
 out.flush();
 out.close();
 }

//權限檢查
private void premSessionCheck(HttpServletRequest request,
 HttpServletResponse response) throws ServletException, IOException {
 HttpSession sessionCheck=request.getSession(true);
 User u=(User)sessionCheck.getAttribute("User");
 if(u==null)
 {
 request.setAttribute("err", "用戶名或密碼錯誤！");
 request.getRequestDispatcher("/LoginServlet")
 .forward(request, response);
 return;
 }
 }

}