session:
在web应用开发中,当用户首次访问应用时,此应用服务器会为此用户创建一个session,保存此用户的相关数据为此用户服务,当用户再次访问此应用时,可以直接从保存后的session中直接取出数据使用
session和cookie的区别:
cookie:是将用户的数据直接保存在浏览器客户端中。cookie只能存字符串,cookie不安全储存在浏览器客户端
session:直接将用户的数据保存在应用的服务器上,session对象是又服务器创建,开发人员可直接调用request的getSession方法获取session对象。
session可以存对象,session安全
session的实现原理:
服务器如何实现一个session为一个用户服务
用户一访问时,会创建一个session,创建session的同时会创建一个sessionId,随机生成,将此id保存在cookie当中。
用户二访问时,会创建一个session,创建session的同时会创建一个sessionId,随机生成,将此id保存在cookie当中。
用户一再次访问时,首先会查看cookie中是否有开始创建session时生成的id,有不再创建session。
package qingxia.tang; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * Servlet implementation class cookieDemo1 */ @WebServlet("/cookieDemo1") public class sessionDemo1 extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public sessionDemo1() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //创建session HttpSession session = request.getSession(); PrintWriter pw=response.getWriter(); String parameter = request.getParameter("name"); parameter=new String(parameter.getBytes("iso-8859-1"),"UTF-8"); //将name保存到session中 session.setAttribute("name", parameter); //获取创建session时生成的id String id = session.getId(); //pw.print(parameter); pw.print(id); } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
package qingxia.tang; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * Servlet implementation class sessionDemo2 */ @WebServlet("/sessionDemo2") public class sessionDemo2 extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public sessionDemo2() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); //获取session对象 HttpSession session = request.getSession(); //从session中获取name值 String name = (String)session.getAttribute("name"); PrintWriter pw=response.getWriter(); //获取创建session时生成的id String id = session.getId(); pw.write(name+":id:"+id); } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
保存name到session中和从session中取name值,从session中取到的id是同一个id
httpsession实现购物车
package qingxia.tang; import java.io.IOException; import java.io.PrintWriter; import java.util.Map; import java.util.Map.Entry; import java.util.Set; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import qingxia.tang.entity.Book; import qingxia.tang.util.DbUtils; /** * Servlet implementation class ShowAllBook */ @WebServlet("/ShowAllBook") public class ShowAllBook extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public ShowAllBook() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); out.print("本网站有以下书籍:</br>"); Map<String, Book> allBook = DbUtils.getAllBook(); for (Entry<String, Book> entry : allBook.entrySet()) { out.print("<a href='"+request.getContextPath()+"/addCart?id="+entry.getKey()+"' target='_blank'>"+entry.getValue().getBookName()+"</a></br>"); } out.print("<a href='"+request.getContextPath()+"/ShowCart' target='_blank'>购物车有以下书籍:</a>"); } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
package qingxia.tang; import java.io.IOException; import java.io.PrintWriter; import java.util.ArrayList; import java.util.List; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import qingxia.tang.entity.Book; import qingxia.tang.util.DbUtils; /** * Servlet implementation class addCart */ @WebServlet("/addCart") public class addCart extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public addCart() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); String id = request.getParameter("id"); Book bookById = DbUtils.getBookById(id); HttpSession session = request.getSession(); //从session中获取key值为cart的list List<Book> list=(List<Book>) session.getAttribute("cart"); //如果session中无key值为cart的list,则创建list if(list==null){ list=new ArrayList<Book>(); } //将要添加的书添加到list list.add(bookById); //将书的list添加到session中 session.setAttribute("cart", list); out.print("添加成功!"); response.setHeader("refresh", "2;url='"+request.getContextPath()+"/ShowAllBook'"); } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
package qingxia.tang; import java.io.IOException; import java.io.PrintWriter; import java.util.List; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import qingxia.tang.entity.Book; /** * Servlet implementation class ShowCart */ @WebServlet("/ShowCart") public class ShowCart extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public ShowCart() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); HttpSession session = request.getSession(); PrintWriter out = response.getWriter(); //从session中获取key为cart的list值 List<Book> list = (List<Book>) session.getAttribute("cart"); if(list==null){ out.print("你还没有买东西呢!"); response.setHeader("refresh", "2;url='"+request.getContextPath()+"/ShowAllBook'"); return; } for (Book book : list) { out.print(book.getBookName()+"</br>"); } } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
为什么要学习HttpSession?
- 它是一个域对象,request、response、servletContext
- 同一个会话下,可以使一个应用的多个资源共享数据
- cookie是客户端技术,只能储存字符串,储存在客户端不安全;httpSession是服务端技术,它可以储存对象。储存在服务端安全。
httpSession常用方法
把数据保存在HttpSession对象中,该对象也是一个域对象。
void setAttribute(String name,Object value);
Object getAttribute(String name);
void removeAttribute(String name); //从会话中将某一session移除
HttpSession.getId():
setMaxInactiveInterval(int interval) //设置session的存活时间
应用如:session中储存的是用户对象,当用户长时间没操作应用,可以设置session的存活时间,超出存活时间此用户失效,用户需重新登录应用。
invalidate() //使此会话无效
应用如:session中储存的是用户对象,当用户点击退出当前应用,可设置session失效,用户需重新登录应用。
session的状态
当停服务器应用时,服务器会将session值持久化到存盘里,同时会实现实体的序列化serializable(即要求实体要能够序列化),这样序列化成功,服务重启时会反序列化数据,用户信息和购物车中的内容就不会消失
服务停掉时,保存session数据的文件位置
服务器重启时,反序列化数据,此文件消失
购物车中的书还在
session存活时间的设置方式有四种
- 默认session存活时间为30分钟
-
Session.invalidate();强制销毁
-
setMaxInactiveInterval(int )单位秒
- 在web.xml中配置
总结
当停服务器应用时,会将应用中的session数据持久化到tomcat下项目的work文件中,同时要求保存在session中的实体能够序列化,当服务重启时会反序列化读取存在内容中的文件,此过程保存在session中的数据不会丢失,如淘宝中的购物车。
