Appscan?????????

????1.?????δ???￡?????????????′???
????request.getSession(true).invalidate();//???session
????Cookie cookie = request.getCookies()[0];//???cookie
????cookie.setMaxAge(0);//??cookie????
????request.getSession(true).invalidate();//???session
????Cookie cookie = request.getCookies()[0];//???cookie
????cookie.setMaxAge(0);//??cookie????
?????????????session??????????·?????????????
????2.?????????α??
??????????url?????sessionid??
????response.getWriter().write( "<script>parent.location.href='dbase/admin/loginJsp.action?sessionId="+sessionId+"'</script>");
????response.getWriter().write( "<script>parent.location.href='dbase/admin/loginJsp.action?sessionId="+sessionId+"'</script>");
???????????????ssl????????????post????????
response.getWriter().write(
"<script language="javascript"> " +
"document.write("<form action=dbase/admin/loginJsp.action method=post name=formx1 style='display:none'>");" +
"document.write("<input type=hidden name=name value='"+sessionId+"'");" +
"document.write("</form>");" +
"document.formx1.submit();" +
"</script>"
);
response.getWriter().write(
"<script language="javascript"> " +
"document.write("<form action=dbase/admin/loginJsp.action
method=post name=formx1 style='display:none'>");" +
"document.write("<input type=hidden name=name value='"+sessionId+"'");" +
"document.write("</form>");" +
"document.formx1.submit();" +
"</script>"
);
????3.???ò????HTTP????
???????web?????л????????web.xml????????????????????ò????HTTP????
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>