1,session管理的例子
1.1 继续完成Cookie
1.2 URL重写
注意:三个静态页面写进servlet; action='+response.encodeURL("step2")+'//制作仿真SessionID
1.3 session存活期
<session-config>
<session-timeout>10</session-timeout>
</session-config >
2,处理异常
2.1 程序式异常
2.2 声明式异常
2.2.1 400,404等等
<error-page>
<error-code>404</error-code>
<location>/error/404.htm</location>
</error-page>
2.2.2 servlet实现
Integer i =(Integer) req.getAttribute("javax.servlet.error.Status_Code");
if(i.intValue()==401)
out.println("401错误");
if(i.intValue()==404)
out.println("404错误");
2.2.3 程序错误
<error-page>
<exception-type>java.lang.ArithmeticException</exception-type>
<location>/error/404.htm</location>
</error-page>
3,安全认证
3.1用BASIC或者DIGEST认证,web.xml中分三部分
<security-constraint>//安全约束
<web-resource-collection>
<web-resource-name>admin</web-resource-name>
<description>admin'blog</description>
<url-pattern>/admin/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>//登陆配置 DIGEST或者BASIC
<auth-method>DIGEST</auth-method>
</login-config>
<security-role>//安全角色
<description>admin'blog</description>
<role-name>admin</role-name>
</security-role>
tomcat-users.xml中加入角色:
<user name="tomcat" password="tomcat" roles="tomcat,admin" />
3.2用FORM进行认证,
web.xml中分三部分
<security-constraint>
<web-resource-collection>
<web-resource-name>login</web-resource-name>
<description>admin'blog</description>
<url-pattern>/login/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>login</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login/auth.htm</form-login-page>
<form-error-page>/login/error.htm</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>login'blog</description>
<role-name>login</role-name>
</security-role>
3.2.2 tomcat-users.xml中加入角色:
<user name="tomcat" password="tomcat" roles="tomcat,admin,login" />
3.2.3 auth.htm中要注意三点(必须如此定义):
action="j_security_check"
name="j_username"
name="j_password"
4,线程安全(互相资源是否有影响)
4.1case
int i = 0;//全局变量、类变量、session变量、servletContext,线程不安全,用implements singleThreadModel,实现线程安全。
int i = 0;//局部变量、请求变量req,线程安全。
5,JSP
5.1jsp注释
<%-- comments--%>
<%//-- comments --%>
<%/* comments */%>
<!-- comments -->//html注释