JSP session processing

ASP programmers often handle Application_Start, session_start, such as user authentication, redirect different coded pages, etc., is very convenient, but a popular JSP does not support this treatment, The server JRUN supports Global.jsa, and the open source server Tomcat that is extremely connected to the Global.jsa is not supported. This has caused non-small obstacles to the development of JSP. Although the early Tomcat (5.0 previous version) can be implemented in the following ways- 1. Add start event handling Session session.put ( "bind.listener", new MyListener (getServletContext ()) 2. MyListener defined class import javax.servlet.http *;. import javax.servlet *;. public class MyListener implements HttpSessionBindingListener {ServletContext context; public ODSessionListener (ServletContext context) {this.context = context;} public void valueBound (HttpSessionBindingEvent event) {System.out.println ( "bound");} public void valueUnBound (HttpSessionBindingEvent event) {System.out. Println ("unbound");}}

However, the premise is that session has been established, and cannot process verification when session creation, and finally find a feasible method by studying servlet 2.4 (Tomcat5.0 built), implementation methods are as follows: // ------- --------------- SessionListener.java -------------------------------------------------------------------------------------------------------------------------------------------------------------------- -------------------- Package Listeners; Import Javax.Servlet.ServletContext; Import Javax.Servlet.ServletContextevent; Import Javax.Servlet.ServletContextListener; Import Javax.Servlet.http .HttpSessionAttributeListener; import javax.servlet.http.HttpSessionBindingEvent; import javax.servlet.http.HttpSessionEvent; import javax.servlet.http.HttpSessionListener; // ServletRequestListener for the new interfaces Servlet2.4

Import javax.servlet.servletRequestListener; import javax.servlet.servletRequestevent; import javax.servlet.http.httpservletRequest;

public final class SessionListener implements HttpSessionListener, ServletRequestListener {private HttpServletRequest request; public void requestDestroyed (ServletRequestEvent sre) {} public void requestInitialized (ServletRequestEvent sre) {request = (HttpServletRequest) sre.getServletRequest ();} public void sessionCreated (HttpSessionEvent event) { String logmsg = event.getations (). GetId () "''" Request.getRemoteAddr () ":" Request.getRemoteport (); log ("Sessioncreated ('" logmsg ")"); }

Public void sessionDestroyed ("SessionDestroyed ('" event.getations (). getId () ")");}

Private void log (string message) {system.out.println ("sessionListener:" message);}}

When starting to receive the client request (RequestInitialized), get the current HttpRequest object in private member request, which can be verified to the session user when session creation, and shut down the session, limit IP address access, here only Record session source as an example (sessionlistener.java) Compile this class, add the following lines after Web.xml's Host Elements: listener- ClassListener This article Applicable environment: Tomcat 5.02, J2SE1.41 (does not support business servers)