Fatal编程技术网
  • java/
  • Java 在jsp和Servlet过滤器中获取相同的会话对象?

Java 在jsp和Servlet过滤器中获取相同的会话对象?

java jsp jakarta-ee servlets

Java 在jsp和Servlet过滤器中获取相同的会话对象?,java,jsp,jakarta-ee,servlets,Java,Jsp,Jakarta Ee,Servlets,我正在为jsp页面中的会话对象设置一个属性,如下所示: String remoteAddr = request.getRemoteAddr(); session.setAttribute("remoteAddr",remoteAddr); 然后,我尝试在servlet过滤器中检索该会话属性: public void doFilter(ServletRequest request, ServletResponse response, FilterC

我正在为jsp页面中的会话对象设置一个属性,如下所示:

String remoteAddr = request.getRemoteAddr();
session.setAttribute("remoteAddr",remoteAddr);
然后,我尝试在servlet过滤器中检索该会话属性:

public void doFilter(ServletRequest request, ServletResponse response,
                        FilterChain chain) throws IOException, ServletException {

HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String remoteIP = httpServletRequest.getSession(false).getAttribute("remoteAddr");
}
但是我在这里得到了session对象的null值。在这里获取相同会话对象的正确方法是什么?

该方法可能返回
null

如果create为false并且请求没有有效的HttpSession,则此方法返回null

根据执行
chain.doFilter(请求、响应)的时间,可以在请求资源之前或请求资源之后调用

在您的情况下,您似乎在执行jsp之前查询会话,即执行以下操作:


HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String remoteIP = (String) httpServletRequest.getSession(false).getAttribute("remoteAddr");

// pass the request along the filter chain
chain.doFilter(request, response);



String remoteIP= request.getRemoteAddr();

if(remoteIP.matches("some pattern")) {
    ((HttpServletResponse)response).setStatus(HttpServletResponse.SC_FORBIDDEN);
} else {
    // pass the request along the filter chain
    chain.doFilter(request, response);  
}


改成


// pass the request along the filter chain
chain.doFilter(request, response);

HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String remoteIP = (String) httpServletRequest.getSession(false).getAttribute("remoteAddr");


将使其正常工作,但我怀疑您是否打算这样做,因为您可能希望检查远程IP并决定是否允许访问或拒绝访问请求的资源,在这种情况下,您可能希望执行以下操作:


HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String remoteIP = (String) httpServletRequest.getSession(false).getAttribute("remoteAddr");

// pass the request along the filter chain
chain.doFilter(request, response);



String remoteIP= request.getRemoteAddr();

if(remoteIP.matches("some pattern")) {
    ((HttpServletResponse)response).setStatus(HttpServletResponse.SC_FORBIDDEN);
} else {
    // pass the request along the filter chain
    chain.doFilter(request, response);  
}



您确定
request.getRemoteAddr()
一开始没有给您一个空值吗?