1. Example of session management

1.1 Completing the example with a cookie

1.2 URL rewriting
Note: the three static pages are written as servlets.

    action='response.encodeURL("step2")'   // generates the simulated session ID

1.3 Session lifetime

    <session-config>
        <session-timeout>10</session-timeout>
    </session-config>

2. Exception handling

2.1 Actual exceptions

2.2 Declarative exceptions

2.2.1 400, 404, etc.

    <error-page>
        <error-code>404</error-code>
        <location>/error/404.htm</location>
    </error-page>

2.2.2 Servlet implementation

    // Status code of the error being handled, stored in the request attribute
    Integer i = (Integer) req.getAttribute("javax.servlet.error.status_code");
    if (i.intValue() == 401) out.println("401 Error");
    if (i.intValue() == 404) out.println("404 Error");

2.2.3 Program errors

    <error-page>
        <exception-type>java.lang.ArithmeticException</exception-type>
        <location>/error/404.htm</location>
    </error-page>

3. Security authentication

3.1 Authentication with BASIC or DIGEST: web.xml has three parts

    <!-- Security constraint -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Admin</web-resource-name>
            <description>Admin'blog</description>
            <url-pattern>/admin/*</url-pattern>
            <http-method>POST</http-method>
            <http-method>GET</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
        </auth-constraint>
    </security-constraint>

    <!-- Login configuration: DIGEST or BASIC -->
    <login-config>
        <auth-method>DIGEST</auth-method>
    </login-config>

    <!-- Security role -->
    <security-role>
        <description>admin'blog</description>
        <role-name>admin</role-name>
    </security-role>
Add to tomcat-users.xml:

3.2 Authentication with FORM, three parts:

web.xml, three parts:

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Login</web-resource-name>
            <description>Admin'blog</description>
            <url-pattern>/login/*</url-pattern>
            <http-method>POST</http-method>
            <http-method>GET</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>login</role-name>
        </auth-constraint>
    </security-constraint>

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login/auth.htm</form-login-page>
            <form-error-page>/login/error.htm</form-error-page>
        </form-login-config>
    </login-config>

    <security-role>
        <description>Login'blog</description>
        <role-name>login</role-name>
    </security-role>

3.2.2 tomcat-users.xml: add the role:

3.2.3 auth.htm: three points to note (all must be defined):

    action="j_security_check"
    name="j_username"
    name="j_password"
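An added example, not part of the original notes: a small Python check over a web.xml shaped like the descriptors in sections 3.1 and 3.2. It flags a constraint that lists http-method elements (only the listed methods are protected, the rest are left unconstrained), a protected area with no CONFIDENTIAL transport-guarantee (BASIC and FORM credentials would travel without TLS), and a missing session-timeout (section 1.3). The names WEAK, HARDENED and audit are assumptions made for this example, and both descriptors are constructed samples.

```python
import xml.etree.ElementTree as ET

# Constructed descriptor modelled on section 3.1 of the notes (not a real application's file).
WEAK = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Admin</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
      <http-method>POST</http-method>
      <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>admin</role-name></auth-constraint>
  </security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
  <security-role><role-name>admin</role-name></security-role>
</web-app>"""

# Constructed hardened form: no method list (all methods covered), TLS required, timeout set.
HARDENED = """<web-app>
  <session-config><session-timeout>10</session-timeout></session-config>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Admin</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>admin</role-name></auth-constraint>
    <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
  </security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
  <security-role><role-name>admin</role-name></security-role>
</web-app>"""

def audit(text):
    """Return the sorted finding ids for a web.xml given as a string (hypothetical helper)."""
    root = ET.fromstring(text)
    for el in root.iter():                       # strip any XML namespace from tag names
        el.tag = el.tag.split("}")[-1]
    found = set()
    deny_rest = root.find("deny-uncovered-http-methods") is not None   # Servlet 3.1 element
    for sc in root.findall("security-constraint"):
        # A constraint applies only to the methods it lists; unlisted methods stay unprotected.
        if sc.find("web-resource-collection/http-method") is not None and not deny_rest:
            found.add("uncovered-http-methods")
        guarantee = (sc.findtext("user-data-constraint/transport-guarantee") or "NONE").strip()
        if sc.find("auth-constraint") is not None and guarantee != "CONFIDENTIAL":
            found.add("credentials-without-tls")
    if root.find("session-config/session-timeout") is None:
        found.add("no-session-timeout")          # container default lifetime applies
    return sorted(found)
```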
4. Thread safety (whether shared resources affect each other)

4.1 Case

    int i = 0; // Global variable (class variable): like session variables and the ServletContext, it is not thread safe; use "implements SingleThreadModel" to make it thread safe.

    int i = 0; // Local variable: like the request variable req, it is thread safe.
5. JSP

5.1 JSP comments

    <%-- comments --%>
    <% // comments %>
    <% /* comments */ %>
    <!-- comments -->    // HTML comment