java的会话技术和session
1、会话技术
(1)从打开一个浏览器访问某个站点,到关闭这个浏览器的整个过程,成为一次会话。
注:浏览器没关,只关闭一个网页不算会话结束;
(2)分类:cookie和session
2、cookie:客户端本地;客户端可以清除cookie;安全性不好;减轻服务器存储压力;
(1)服务器向客户端发送一个cookie:响应头set-cookie
1)创建cookie;Cookie cookie = new Cookie(String Name,String Value);
键值对;set-cookie响应头;别写中文;
2)设置持久化时间:cookie.setMaxAge(60*10)里面的单位是秒;
不设置存储在浏览器内存中,关闭后销毁,设置后持久化到浏览器的磁盘文件;超过时间自动销毁;
3)设置携带路径:cookie.setPath(String path);
注:("/")任何路径都可以;("/web05")web05下的所有路径都可以;
不设置cookie信息会在访问产生该cookie的web资源所在的路径都携带cookie信息;
举例:cookie信息在web05的sendcookie里,那么访问完sendcookie后,访问web05下的其他项目也会有此cookie信息;
4)发送cookie:response.addCookie(Cookie cookie);
package com.oracle.cookie; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class cookieServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); //1、创建cookie对象 Cookie cookie = new Cookie("goods","xsphone"); //设置cookie持久化时间----------在硬盘上保存的时间 cookie.setMaxAge(60); //为cookie设置携带路径 //cookie.setPath("/Day20/cookieServlet"); //cookie.setPath("/Day20"); //2、存储数据发送到客户端 response.addCookie(cookie); response.getWriter().write("hello world!"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
效果如下:
5)删除cookie:使用同名同路径的持久化时间为0的cookie进行覆盖;必须是同名同路径;
package com.oracle.cookie; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class removecookieServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); //创建一个cookie Cookie cookie = new Cookie("goods","xsphone"); cookie.setPath("/Day20"); cookie.setMaxAge(0); response.addCookie(cookie); response.getWriter().write("hello world!"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
重新设置时间操作显示如下:
(2)服务器接收客户端cookie:请求头cookie
1)获取所有的cookie:Cookie[] cookies = request.getCookies();
2)遍历Cookie数组:
for(Cookie cookie : cookies){
if(cookie.getName().equal(cookieName)){String cookieValue = cookie.getValue();}}
注意先访问cookieServlet!
package com.oracle.cookie; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class getcookieServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); //先获取装有cookie对象的数组 Cookie[] cookie = request.getCookies(); for(Cookie c:cookie){ if(c.getName().equals("goods")){ System.out.println(c.getValue()); } } response.getWriter().write("hello world!"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
效果如下:
控制台打印输出:
3、session:服务器;安全性好;加重服务器存储压力;
(1)获得Session对象:HttpSession session = request.getSession();
!!!在一个浏览器中sessionid是同一个;根据sessionid判断是否存在;
(2)设置session持久化时间:Cookie cookie = new Cookie("JSESSIONID",request.getSession().getId());cookie.setMaxAge(60*10);
本质是设置cookie;
(3)session也是一个域对象;三个方法;
package com.oracle.seesion; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class session extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); HttpSession session = request.getSession(); String id = session.getId(); session.setAttribute("goods", "shouji"); //设置JSESSIONID的持久化时间 Cookie cookie = new Cookie("JSESSIONID",id); cookie.setPath("/Day20"); cookie.setMaxAge(60*2); response.addCookie(cookie); response.getWriter().write(id); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
效果如下:
在不关闭浏览器的情况下,访问第二个servlet:
package com.oracle.seesion; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class seesion extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); HttpSession session = request.getSession(); String id = session.getId(); HttpSession session1 = request.getSession(); String id1 = session1.getId(); String name = (String)session.getAttribute("goods"); response.getWriter().write(id+".."+id1); response.getWriter().write(name); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
效果如下:
!!!可以看出ID都是一样的;
(4)session生命周期:第一次执行request.getSession()时创建;服务器(非正常)关闭时或者session过期/失效(默认30分钟)销毁;
(5)设置session销毁时间:从不操作服务器端的资源开始计时默认30分钟;session.invalidate();web.xml配置;
