1,session管理的例子
1.1 繼續完成Cookie
1.2 URL重寫
注意:三個靜態頁面寫進servlet; action='+response.encodeURL("step2")+'//製作仿真SessionID
1.3 session存活期
<session-config>
<session-timeout>10</session-timeout>
</session-config >
2,處理異常
2.1 程序式異常
2.2 聲明式異常
2.2.1 400,404等等
<error-page>
<error-code>404</error-code>
<location>/error/404.htm</location>
</error-page>
2.2.2 servlet實現
Integer i =(Integer) req.getAttribute("javax.servlet.error.Status_Code");
if(i.intValue()==401)
out.println("401錯誤");
if(i.intValue()==404)
out.println("404錯誤");
2.2.3 程序錯誤
<error-page>
<exception-type>java.lang.ArithmeticException</exception-type>
<location>/error/404.htm</location>
</error-page>
3,安全認證
3.1用BASIC或者DIGEST認證,web.xml中分三部分
<security-constraint>//安全約束
<web-resource-collection>
<web-resource-name>admin</web-resource-name>
<description>admin'blog</description>
<url-pattern>/admin/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>//登陸配置 DIGEST或者BASIC
<auth-method>DIGEST</auth-method>
</login-config>
<security-role>//安全角色
<description>admin'blog</description>
<role-name>admin</role-name>
</security-role>
tomcat-users.xml中加入角色:
<user name="tomcat" password="tomcat" roles="tomcat,admin" />
3.2用FORM進行認證,
web.xml中分三部分
<security-constraint>
<web-resource-collection>
<web-resource-name>login</web-resource-name>
<description>admin'blog</description>
<url-pattern>/login/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>login</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login/auth.htm</form-login-page>
<form-error-page>/login/error.htm</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>login'blog</description>
<role-name>login</role-name>
</security-role>
3.2.2 tomcat-users.xml中加入角色:
<user name="tomcat" password="tomcat" roles="tomcat,admin,login" />
3.2.3 auth.htm中要注意三點(必須如此定義):
action="j_security_check"
name="j_username"
name="j_password"
4,線程安全(互相資源是否有影響)
4.1case
int i = 0;//全局變量、類變量、session變量、servletContext,線程不安全,用implements singleThreadModel,實現線程安全。
int i = 0;//局部變量、請求變量req,線程安全。
5,JSP
5.1jsp註釋
<%-- comments--%>
<%//-- comments --%>
<%/* comments */%>
<!-- comments -->//html註釋