Session
简介
package org.westos.demo2;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author lwj
* @date 2020/8/20 13:55
*/
@WebServlet(name = "MyServlet", value = "/myServlet")
public class MyServlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//服务端会话技术:Session
//会话域对象:Session,浏览器和服务器建立的一次连接,在这次会话中,可以包含多次请求和响应
//原理:当浏览器第一次请求服务器时,服务器会创建Session对象,然后把Session对象的id通过Set-Cookie头响应给浏览器
HttpSession session = request.getSession();
session.setAttribute("username", "jenny");
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
package org.westos.demo2;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author lwj
* @date 2020/8/20 14:03
*/
@WebServlet(name = "MyServlet2", value = "/myServlet2")
public class MyServlet2 extends HttpServlet {
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
String username = (String) session.getAttribute("username");
System.out.println(username);
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
Session域,是可以在/myServlet2请求中拿到Session对象的这个属性。
获取Session
request.getSession();
//默认空参:根据JSESSIONID的值查找是否存在对应的Session对象,如果不存在,那么创建新的Session对象,如果存在,那么返回存在的那个Session对象
//在第一次请求时,/myServlet,服务器此时还没有Session对象,那么新建一个Session对象,并把JSESSIONID作为Cookie传递到浏览器,在第二次请求时,/myServlet2,request.getSession(),返回的是服务器已经存在的那个Session对象,自然可以拿到Session域中的username属性
request.getSession(boolean flag)
- true,默认值,和无参效果一致;
- false,根据JSESSIONID查找是否存在Session对象,如果找到了,返回即可,如果没有找到,那么返回Null,而不会创建新的Session对象。
服务器的钝化与活化
1、当浏览器关闭后,会话结束,客户端Cookie失效,那么在第二次访问时,就会是新的Session对象;
2、当服务器关闭,Session还会一样吗?不会,内存释放掉了。
但是,在服务器启动后,虽然Session对象不一样了,但是对象里的数据是一样的。
- 钝化:服务器正常关闭后,Session对象被写入硬盘的文件中;
- 活化:服务器开启后,将文件还原为内存中的Session对象。
Session的生命周期
1、创建
request.getSession()
2、销毁
1)、服务器关闭;
2)、Session超时;(在conf/web.xml目录下设置的是所有Web项目的Session超时时间,如果要自定义当前项目的Session超时时间,可以在当前项目的web.xml中设置)
<!-- ==================== Default Session Configuration ================= -->
<!-- You can set the default session timeout (in minutes) for all newly -->
<!-- created sessions by modifying the value below. -->
<session-config>
<session-timeout>30</session-timeout>
</session-config>
3)、调用Session对象的invalidate()方法,Session自杀。
客户端禁用Cookie
如果客户端禁用了Cookie?
那么在会话过程中如何传递JSESSIONID,而且不能通过cookie的方式?
URL重写。
response.encodeRedirectURL()
package org.westos.demo3;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author lwj
* @date 2020/8/20 17:48
*/
@WebServlet(name = "ServletTest", value = "/servletTest")
public class ServletTest extends HttpServlet {
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=utf-8");
HttpSession session = request.getSession();
//第一次访问,如果未找到,返回新建的Session对象
System.out.println(session.getId());
String url = request.getContextPath() + "/servletTest2";
//重定向需要加上上下文路径
url = response.encodeRedirectURL(url);
System.out.println(url);
response.getWriter().write("<a href='" + url + "'>跳转到servletTest2</a>");
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
package org.westos.demo3;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author lwj
* @date 2020/8/20 17:48
*/
@WebServlet(name = "ServletTest2", value = "/servletTest2")
public class ServletTest2 extends HttpServlet {
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=utf-8");
HttpSession session = request.getSession();
System.out.println(session.getId());
response.getWriter().write("现在是ServletTest2的时间。");
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}