问题描述

我想通过JSESSIONID获得Java HttpSession.是否有可能?如果是，怎么办?

I want to get Java HttpSession by JSESSIONID. Is it possible? If yes, how?

推荐答案

您需要将它们全部收集在 Map . html"rel =" noreferrer> HttpSessionListener 自己.

You need to collect them all in a Map using a HttpSessionListener yourself.

public class HttpSessionCollector implements HttpSessionListener {
    private static final Map<String, HttpSession> sessions = new HashMap<String, HttpSession>();

    @Override
    public void sessionCreated(HttpSessionEvent event) {
        HttpSession session = event.getSession();
        sessions.put(session.getId(), session);
    }


    @Override
    public void sessionDestroyed(HttpSessionEvent event) {
        sessions.remove(event.getSession().getId());
    }

    public static HttpSession find(String sessionId) {
        return sessions.get(sessionId);
    }

}

只需按如下所示在web.xml中注册即可运行它:

Just register it in web.xml as follows to run it:

<listener>
    <listener-class>com.example.HttpSessionCollector</listener-class>
</listener>

然后，在任何您想执行的地方执行HttpSessionCollector.find(sessionId)来获取有问题的HttpSession.

Then, anywhere you want just do HttpSessionCollector.find(sessionId) to get the HttpSession in question.

也就是说，这是一种巨大的气味.当然，要解决 actual 功能需求，还有更好的方法；)正如我在您的后续问题:

That said, this is a huge smell. There are certainly better ways to solve the actual functional requirement than this ;) As I commented in your follow-up question:

认真对待.我们不是在取笑您，我们只是在尝试向您提供正确的方向，以避免您的项目/网络应用由于安全漏洞和不良做法而中断，并且/或者您将被解雇.

Take it serious. We're not teasing you, we're just trying to help you in the right direction to avoid that your project/webapp will break due to security holes and bad practices and/or that you will get fired.

这篇关于如何从JSESSIONID加载Java HttpSession?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！