会话技术Cookie&Session
会话:从打开一个浏览器访问某个站点,到关闭这个浏览器的整个过程,称为一次会话。
Cookie:数据存储在客户端本地,减少服务器端的存储的压力,安全性不好,客户端可以清除cookie。
Session:将数据存储到服务器端,安全性相对好,增加服务器的压力。
Cookie技术:
创建Cookie:Cookie cookie=new Cookie(String cookieName,String cookieValue);
Cookie中不能存储中文
cookie.setMaxAge(int seconds);--时间秒
cookie.setPath(String path);设置Cookie的携带路径
response.addCookie(Cookie cookie);向客户端发送cookie
package com.oracle.demo01; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class SendCookieServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //1.创建Cookie对象 Cookie cookie=new Cookie("goods", "naiping"); //设置持久化时间 cookie.setMaxAge(60*2); //设置Cookie携带路径 //cookie.setPath("/WEB07/SendCookieServlet"); //2.发送Cookie response.addCookie(cookie); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
删除客户端的cookie:
package com.oracle.demo01; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class RemovCookieServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //删除Cookie Cookie cookie=new Cookie("goods", "naiping"); cookie.setMaxAge(0); response.addCookie(cookie); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
1)通过request获得所有的Cookie:
Cookie[] cookies = request.getCookies();
2)遍历Cookie数组,通过Cookie的名称获得我们想要的Cookie
for(Cookie cookie : cookies){
if(cookie.getName().equal(cookieName)){
String cookieValue = cookie.getValue();
}
}
package com.oracle.demo01; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class GetCookieServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Cookie[] cookies=request.getCookies(); //遍历Cookie数组通过cookie名获取cookie值 for(Cookie c:cookies){ if(c.getName().equals("goods")){ System.out.println(c.getValue()); } } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
Session技术:
Session技术是将数据存储在服务器端的技术,会为每个客户端都创建一块内存空间 存储客户的数据,但客户端需要每次都携带一个标识ID去服务器中寻找属于自己的内 存空间。
创建:HttpSession session = reques.getSession();
向session中存取数据(session也是一个域对象)
存储:session.setAttribute(String name,Object obj);
获取:session.getAttribute(String name);
删除:session.removeAttribute(String name);
package com.oracle.demo01; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class SessionServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //获取Session对象 HttpSession session=request.getSession(); //向session域中存储数据 session.setAttribute("goods", "奶瓶"); //获取JSESSIONID String id=session.getId(); //创建Cookie Cookie cookie=new Cookie("JSESSIONID", id); cookie.setPath("WEB08"); cookie.setMaxAge(60*3); //发送cookie response.addCookie(cookie); response.getWriter().write("JSESSIONID:"+id); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
package com.oracle.demo01; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class Servlet02 extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //获取Session对象 HttpSession session=request.getSession(); //获取session中的内容 String goods=(String)session.getAttribute("goods"); //解决乱码 response.setContentType("text/html;charset=utf-8"); response.getWriter().write(goods); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
Session的生命周期:
创建:第一次执行request.getSession()时。
销毁:服务器关闭时;
session失效(默认30分钟):时间从不操作服务器端的资源开始计时。
手动调用invalidate();
作用范围:默认在一次会话中,一次会话中任何资源公用一个session对象。