public User authenticate(HttpServletRequest request, HttpServletResponse response) { String cookie = getCookieFromRequest(request, 'cookieName'); if (cookie == null) { return null; } return getUserByCookie(cookie); } 是从cookie获取JSESSIONID,再用sessionid获得session拿到User吗
为什么不request.getSession()而是遍历cookie呢
因为用的是Cookie而不是Session
Sign in to make a reply
Bruce_Vae
public User authenticate(HttpServletRequest request, HttpServletResponse response) { String cookie = getCookieFromRequest(request, 'cookieName'); if (cookie == null) { return null; } return getUserByCookie(cookie); } 是从cookie获取JSESSIONID,再用sessionid获得session拿到User吗