Whenever you authenticate, your application should change the session identifier it uses. This helps to prevent someone from setting up a session, copying the session identi
Get the existing session, invalidate it, and create a new one:
1) Get the current Session with HttpServletRequest.getSession();
2) Clear the Session: HttpSession.invalidate();
3) Create a new one: HttpServletRequest.getSession(true);
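
The three steps above as one helper, called once the credentials have been verified. This is an added example, not code from the original page. The class name, the `CARRY_OVER` allow-list, the `"user"` attribute name and the `javax.servlet` namespace (`jakarta.servlet` on newer containers) are assumptions, and it uses `getSession(false)` in step 1 so that no session is created only to be invalidated.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

public final class SessionRotation {

    // Hypothetical allow-list: only these pre-login attributes survive the rotation.
    // Everything else set before authentication is dropped with the old session.
    private static final Set<String> CARRY_OVER = Set.of("locale", "cart");

    private SessionRotation() {}

    /** Call after the credentials check succeeds, before any other use of the session. */
    public static HttpSession rotate(HttpServletRequest request, String username) {
        Map<String, Object> kept = new HashMap<>();

        // 1) Get the current session, if there is one.
        HttpSession old = request.getSession(false);
        if (old != null) {
            for (String name : CARRY_OVER) {
                Object value = old.getAttribute(name);
                if (value != null) {
                    kept.put(name, value);
                }
            }
            // 2) Invalidate it: the identifier issued before login is no longer accepted.
            old.invalidate();
        }

        // 3) Create a new session; the container issues it under a fresh identifier.
        HttpSession fresh = request.getSession(true);
        kept.forEach(fresh::setAttribute);
        fresh.setAttribute("user", username); // hypothetical attribute name
        return fresh;
    }
}
```

On Servlet 3.1 and later, `HttpServletRequest.changeSessionId()` changes the identifier of the current session while keeping its attributes.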