Google chrome 在Apache Tomcat中部署的Webapp中登录失败
我在ApacheTomcat中部署了一个简单的web应用程序,它有一个登录页面、一个上传表单和一个注销按钮 提交登录表单时,如果登录成功,我将检查凭据并将其重定向到上载页面,如果登录失败,我将重新将请求定向到登录页面本身 我还有一个过滤器(javax.servlet.Filter),用于验证每个请求是否来自登录用户 昨天一切都很好,但今天即使有有效的用户名/密码,我也会被重定向到登录页面。这只发生在Chrome中 如果我使用Firefox或在chrome中打开一个匿名窗口,流量工作得非常好 调试时,我看到成功登录时重定向时,request.session返回null 我的登录服务:Google chrome 在Apache Tomcat中部署的Webapp中登录失败,google-chrome,tomcat,servlets,login,httpsession,Google Chrome,Tomcat,Servlets,Login,Httpsession,我在ApacheTomcat中部署了一个简单的web应用程序,它有一个登录页面、一个上传表单和一个注销按钮 提交登录表单时,如果登录成功,我将检查凭据并将其重定向到上载页面,如果登录失败,我将重新将请求定向到登录页面本身 我还有一个过滤器(javax.servlet.Filter),用于验证每个请求是否来自登录用户 昨天一切都很好,但今天即使有有效的用户名/密码,我也会被重定向到登录页面。这只发生在Chrome中 如果我使用Firefox或在chrome中打开一个匿名窗口,流量工作得非常好 调试
if (success) {
........
...........
HttpSession session = request.getSession(true);
session.setAttribute(WebAppConstants.OAUTH_TOKEN_SESSION_ATTRIB, accessToken);
session.setAttribute(WebAppConstants.USER_SESSION_ATTRIB, username);
session.setAttribute(WebAppConstants.IS_LOGGED_IN_SESSION_ATTRIB, true);
session.setMaxInactiveInterval(30 * 60);
Cookie usernameCookie = new Cookie(WebAppConstants.USER_SESSION_ATTRIB, username);
usernameCookie.setMaxAge(30 * 60);
response.addCookie(usernameCookie);
response.sendRedirect(WebAppConstants.UPLOADER_JSP);
} else {
response.sendRedirect(WebAppConstants.INVALID_LOGIN_JSP);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession(false);
String loginURI = request.getContextPath() + "/login.html";
String uri = request.getRequestURI();
this.context.log("Requested Resource::" + uri);
if (session == null && !(uri.endsWith("html") || uri.endsWith("login"))) {
this.context.log("Unauthorized access request");
response.sendRedirect(loginURI);
} else {
filterChain.doFilter(request, response); // Logged-in user found, so just continue request.
}
}
我的登录检查过滤器:
if (success) {
........
...........
HttpSession session = request.getSession(true);
session.setAttribute(WebAppConstants.OAUTH_TOKEN_SESSION_ATTRIB, accessToken);
session.setAttribute(WebAppConstants.USER_SESSION_ATTRIB, username);
session.setAttribute(WebAppConstants.IS_LOGGED_IN_SESSION_ATTRIB, true);
session.setMaxInactiveInterval(30 * 60);
Cookie usernameCookie = new Cookie(WebAppConstants.USER_SESSION_ATTRIB, username);
usernameCookie.setMaxAge(30 * 60);
response.addCookie(usernameCookie);
response.sendRedirect(WebAppConstants.UPLOADER_JSP);
} else {
response.sendRedirect(WebAppConstants.INVALID_LOGIN_JSP);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession(false);
String loginURI = request.getContextPath() + "/login.html";
String uri = request.getRequestURI();
this.context.log("Requested Resource::" + uri);
if (session == null && !(uri.endsWith("html") || uri.endsWith("login"))) {
this.context.log("Unauthorized access request");
response.sendRedirect(loginURI);
} else {
filterChain.doFilter(request, response); // Logged-in user found, so just continue request.
}
}
为什么Chrome浏览器会出现这种情况??我处理的东西是否正确
谢谢我尝试在Chrome中删除Cookie,我的登录链工作正常 然而,我仍在试图弄清楚(使用chrome)到底发生了什么,以及清除cookies对我有什么帮助 编辑:
if (success) {
........
...........
HttpSession session = request.getSession(true);
session.setAttribute(WebAppConstants.OAUTH_TOKEN_SESSION_ATTRIB, accessToken);
session.setAttribute(WebAppConstants.USER_SESSION_ATTRIB, username);
session.setAttribute(WebAppConstants.IS_LOGGED_IN_SESSION_ATTRIB, true);
session.setMaxInactiveInterval(30 * 60);
Cookie usernameCookie = new Cookie(WebAppConstants.USER_SESSION_ATTRIB, username);
usernameCookie.setMaxAge(30 * 60);
response.addCookie(usernameCookie);
response.sendRedirect(WebAppConstants.UPLOADER_JSP);
} else {
response.sendRedirect(WebAppConstants.INVALID_LOGIN_JSP);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession(false);
String loginURI = request.getContextPath() + "/login.html";
String uri = request.getRequestURI();
this.context.log("Requested Resource::" + uri);
if (session == null && !(uri.endsWith("html") || uri.endsWith("login"))) {
this.context.log("Unauthorized access request");
response.sendRedirect(loginURI);
} else {
filterChain.doFilter(request, response); // Logged-in user found, so just continue request.
}
}
根据Shadab Faiz的上述回答,以下答案似乎准确无误,因此我接受:
有时浏览器可能会存储以前的请求数据。因此,当您输入错误的凭据时,它会存储该请求。因此,从下一个开始,无论何时输入正确的信息,都会发送上一个信息错误的请求
谢谢请尝试清除您的浏览器历史记录,它曾经帮助过我。我尝试在Chrome上删除Cookie,效果很好。然而,我想知道根本原因是什么以及实际发生了什么??发生的是,有时候brower可能会存储以前的请求数据,所以当您输入错误的凭据时,它会存储该请求。因此,从下一步开始,每当您输入正确的信息时,就会发送带有错误信息的prevoius请求。话虽如此,我还在学习jsp/servlet,所以我可能不是100%正确。我认为您上面的解释是有意义的,可能是问题所在。重置。