一、实验目的
1. 掌握Servlet与JSP中,用户请求的获取、解析方法;
2. 掌握会话及跟踪方法(Session)、Cookies的使用;
3. 掌握访问数据库的方法。
二、实验内容与要求
1、模拟Web网站缓存用户的各类偏好设置情况,在Web页面登陆访问服务器后,服务器将用户在登录界面提交的表单数据进行缓存,进而将缓存数据返回给浏览器,供下一步操作处理。
2、使用Cookie和Session两种方式实现。
3、基本概念和原理:
(a)cookie:Cookie中文译文是饼干的意思,cookie是保存会话数据的一种技术,其容量有限;有生命周期,根据需求设置cookie有效期如果不进行设置的话,数据保存至浏览器关闭。它保存在浏览器的缓存中,数据是明文显示的通常只保存非敏感信息,未加密的数据会充分暴露给外界。Cookie通常是保存用户偏好设置、用户名、日期时间等数据。Cookie具体工作原理:
(1)浏览器向服务器发送请求
(2)服务器接收请求,生成一个cookie对象保存"标识"数据
(3)然后把cookie对象放在响应头,一并发回浏览器
(4)浏览器取出cookie对象的数据保存在浏览器的缓存中
(5)再次访问时请求头携带cookie数据发送到服务器
(6)服务器根据cookie的数据作出相应处理
cookie的应用场景通常是使用在“记住登陆状态”,即一次访问成功,在一定时间内可自动登陆,实现细节:比如登陆京东网站,首次登陆需要账号密码,登陆成功后手误关闭了浏览器,再次登陆京东时发现登陆状态还在,无需重输账号密码。即从login页面再次跳转到index页面时,servlet取出cookie的数据做匹配,配对成功则将【请求转发】给index页面,跳转成功。
(b)session:Session存在于服务端对客户端不可见,而cookie存在客户端,sessionId要依赖cookie进行转发。当第一次打开浏览器时,浏览器马上分配了一个sessionId给客户端,客户端发送请求给服务端时就,服务端记录此sessionId在本地,当客户端再次请求服务端时,它就是根据先前有效的sessionId做出相应的操作。每次客户端发来请求时,服务端根据cookie携带的sessionId来区分是哪个用户的会话。
三、实验步骤(含参考的核心代码与配置文件)
1、基于Cookie实现对用户表单信息的缓存,并将缓存结果返回用户浏览器, 业务逻辑说明:
(1)接收来自客户端的信息
(2)保存在cookie对象中
(3)添加到cookie到resopnse中
(4)页面转发到index页面的同时将cookie一并返回给浏览器
实现步骤:
登陆页面的设计:login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<form action="ServletCookies" method="post">
<input type="text" name="username" /> <input type="password"
name="password" /> <input type="submit" value="提交" />
</form>
</body>
</html>
处理登陆表单信息的servlet:ServletCookie.java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet implementation class ServletCookies
*/
@WebServlet("/ServletCookies")
public class ServletCookie extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* Default constructor.
*/
public ServletCookie() {
// TODO Auto-generated constructor stub
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
response.getWriter().append("Served at: ").append(request.getContextPath());
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
doGet(request, response);
//获取表单提交的username&password
String username = request.getParameter("username");
String password = request.getParameter("password");
//定义一个名为username,值为password的cookie
Cookie cookie = new Cookie(username, password);
//指定客户端返回的cookie路径
cookie.setPath("");
cookie.setComment("This is an Cookie");
response.addCookie(cookie);
request.getRequestDispatcher("index.jsp").forward(request, response);
}
}
转向页面:index.jsp
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
Hello,this is an index page.
</body>
</html>
部署运行验证:
(1)启动Tomcat打开login.jsp:表单未提交前Request Header请求头为空;
(2)输入用户名,密码点击【提交】servlet 接收到请求头信息,将用户名密码存储在cookie中,servlet 将index页面和cookie一并返回给浏览器
(3)查看浏览器已经接收到的来自服务器的Cooike
实验结果:
2、基于Session实现对用户表单信息的缓存,并将缓存结果返回用户浏览器, 业务逻辑:
(1)获取表单提交的数据
(2)保存在User实体类中,获取当前登陆时间
(3)session储存User对象、登陆时间
(4)请求转发给index.jsp
实现步骤:
登陆表单页面:login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<form action="ServletSession" method="post">
<input type="text" name="username">
<input type="password" name="password" >
<input type="submit" value="提交" >
</form>
</body>
</html>
存储登陆表单的JavaBean:User.java
/**
* 映射Form表单的username、password
* @author Administrator
*
*/
public class User {
private String username ="";
private String password ="";
public User(String username,String password){
this.username = username;
this.password = password;
}
public void setUsername(String username){
this.username = username;
}
public String getUsername(){
return username;
}
public void setPassword(String password){
this.password = password;
}
public String getPassword(){
return password;
}
}
处理登陆表单信息的servlet:ServletSession.java
import java.io.IOException;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* Servlet implementation class ServletCookies
*/
@WebServlet("/ServletSession")
public class ServletSession extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* Default constructor.
*/
public ServletSession() {
// TODO Auto-generated constructor stub
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
response.getWriter().append("Served at: ").append(request.getContextPath());
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
User user = new User(username, password);
DateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
String dateTime = dateFormat.format(new Date());
//new 一个session来保存user、dateTime对象
HttpSession session = request.getSession();
session.setAttribute("user", user);
session.setAttribute("loginTime", dateTime);
session.setAttribute("sessionId", session.getId());
//请求转发
request.getRequestDispatcher("index.jsp").forward(request, response);
}
}
转向页面:index.jsp
<%@page import="java.text.DateFormat"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<jsp:directive.page import="com.User"/>
<%User user = (User)session.getAttribute("user");
String dateTime = (String)session.getAttribute("loginTime");
String sessionId = (String)session.getAttribute("sessionId");
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
Hello,this is an index page.<p>
用户名:<%=user.getUsername()%><p>
密码:<%=user.getPassword()%><p>
登陆时间:<%=dateTime %><p>
SessionId:<%=sessionId %><p>
</body>
</html>
部署运行验证:
(1)启动Tomcat打开login.jsp:
(2)表单未提交前:可查看sessionID
(3)表单提交后成功跳转到index页面后,可查看服务器端收到的客户端信息
实验结果:
四、知识扩展
在用户管理系统中,实现:
(1)用户验证的数据来自数据库;
(2)将实现验证码功能;
(3)将已有的用户导出到Excel表中。