-
FEATURED COMPONENTS
First time here? Check out the FAQ!
I get problem on Session ZK after Login Security:
My Class Login.Java
HttpSession ses=(HttpSession) Sessions.getCurrent().getNativeSession(); Security.setSes(ses); Security.setAtt(pdb.getIduser()); Executions.sendRedirect("Main.zul");
public class Security { private static HttpSession ses; public static HttpSession getSes() { return ses; } public static void setSes(HttpSession ses) { Security.ses = (HttpSession) ses; } public static void setAtt(String val){ ses.setAttribute("ruser",val); } public static void logout(){ ses.removeAttribute("ruser"); ses.invalidate(); } }
System.out.println(Security.getSes().getId()); System.out.println(Security.getSes().getAttribute("ruser"));
Hello!
You are missing the meaning of the STATIC keyword :)
Instead of storing the user's credentials in a static variable, store it in the Executions.getCurrent().getSession().
However there are a lot of small talks around the security topic in the documentation!
As gganassin said. Avoid static variables in a web application or use them carefully because it allows access from all users.
It's not the same as a static method call.
best
Stephan
Asked: 2012-08-29 08:03:42 +0800
Seen: 165 times
Last updated: Sep 02 '12