Cookie 饼干
1、什么是Cookie?
- Cookie是服务器通知客户端保存键值对的一种技术
- 客户端有了Cookie之后,每次请求都发送给服务器
- 每个Cookie的大小不能超过4kb
- Cookie是一个对象,构造器只有一个
2、如何创建Cookie?
![](https://img-blog.csdnimg.cn/1221a4eb99f94a4993c12cde52ef5272.png?x-oss-process=image/watermark,type_ZHJvaWRzYW5zZmFsbGJhY2s,shadow_50,text_Q1NETiBAdXBrYWnlsI_on7k=,size_20,color_FFFFFF,t_70,g_se,x_16)
cookie.html
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="Expires" content="0" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Cookie</title>
<base href="http://localhost:8080/cookie_session/">
<style type="text/css">
ul li {
list-style: none;
}
</style>
</head>
<body>
<iframe name="target" width="500" height="500" style="float: left;"></iframe>
<div style="float: left;">
<ul>
<li><a href="cookieServlet?action=createCookie" target="target">Cookie的创建</a></li>
<li><a href="cookieServlet?action=getCookie" target="target">Cookie的获取</a></li>
<li><a href="cookieServlet?action=updateCookie" target="target">Cookie值的修改</a></li>
<li>Cookie的存活周期</li>
<li>
<ul>
<li><a href="cookieServlet?action=defaultLife" target="target">Cookie的默认存活时间(会话)</a></li>
<li><a href="cookieServlet?action=deleteNow" target="target">Cookie立即删除</a></li>
<li><a href="cookieServlet?action=life3600" target="target">Cookie存活3600秒(1小时)</a></li>
</ul>
</li>
<li><a href="cookieServlet?action=testPath" target="target">Cookie的路径设置</a></li>
<li><a href="" target="target">Cookie的用户免登录练习</a></li>
</ul>
</div>
</body>
</html>
BaseServlet
package com.guigu.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.reflect.Method;
public abstract class BaseServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// 解决post请求中文乱码问题
// 一定要在获取请求参数之前调用才有效
req.setCharacterEncoding("UTF-8");
// 解决响应中文乱码问题
resp.setContentType("text/html; charset=UTF-8");
String action = req.getParameter("action");
try {
// 获取action业务鉴别字符串,获取相应的业务 方法反射对象
Method method = this.getClass().getDeclaredMethod(action, HttpServletRequest.class, HttpServletResponse.class);
// System.out.println(method);
// 调用目标业务 方法
method.invoke(this, req, resp);
} catch (Exception e) {
e.printStackTrace();
}
}
}
package coom.guigu.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class CookieServlet extends BaseServlet{
protected void createCookie(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//1、创建Cookie对象
Cookie cookie = new Cookie("key1","value1");
//2、通知客户端保存cookie
resp.addCookie(cookie);
resp.getWriter().write("Cookie创建成功");
}
}
3、如何获取Cookie?
服务器获取客户端的Cookie只需要一行代码:req.getCookie():Cookie[]
protected void getCookie(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie[] cookies = req.getCookies();
for (Cookie cookie : cookies) {
resp.getWriter().write("cookie["+cookie.getName()+","+cookie.getValue()+"]<br/>");
}
}
4、Cookie值的修改
方案一:
- 新创建一个Cookie对象
- 在构造器,同时赋予新的Cookie值
- 调用response.addCookie(cookie);
protected void updateCookie(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("key1","newValue1");
resp.addCookie(cookie);
resp.getWriter().write("key1的cookie已经修改好了");
}
方案二:
- 先查找需要修改的cookie对象
- 调用setValue()方法赋予新的Cookie值
- 调用response.addCookie()通知客户端保存修改
protected void updateCookie(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("key1","newValue1");
resp.addCookie(cookie);
resp.getWriter().write("key1的cookie已经修改好了");
}
5、Cookie生命控制
- cookie的生命控制是指如何管理Cookie对象什么时候被销毁(删除)
- setMaxAge()
正数,表示在指定的秒数后过期
负数,表示浏览器一关,Cookie就会被删除(默认值是-1)
零,表示马上删除Cookie
CookieUtils
package com.guigu.util;
import javax.servlet.http.Cookie;
public class CookieUtils {
/**
* 查找指定名称的Cookie对象
* @param name
* @param cookies
* @return
*/
public static Cookie findCookie(String name,Cookie[] cookies){
if(name == null||cookies.length == 0||cookies == null){
return null;
}else {
for (Cookie cookie : cookies) {
if(name.equals(cookie.getName())){
return cookie;
}
}
}
return null;
}
}
protected void defaultLife(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("defaultLife","defaultLife");
cookie.setMaxAge(-1);//表示浏览器关闭就删除
resp.addCookie(cookie);
}
protected void deleteNow(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = CookieUtils.findCookie("key1",req.getCookies());
if(cookie != null){
cookie.setMaxAge(0);//表示立即删除
resp.addCookie(cookie);
resp.getWriter().write("已经删除cookie");
}
}
protected void life3600(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("life3600","life3600");
cookie.setMaxAge(3600);//表示一个小时之后删除
resp.addCookie(cookie);
resp.getWriter().write("已经删除cookie");
}
6、Cookie有效路径Path的设置
Cookie的path属性可以有效地过滤哪些Cookie可以发送给服务器,哪些不发
path属性是通过请求的地址来进行有效的过滤。
CookieA path = /工程路径
CookieB path = /工程路径/abc
如请求地址如下:
http://ip:port/工程路径/a.html
CookieA 发送
CookieB 不发送
http://ip:port/工程路径/abc/a.html
CookieA 发送
CookieB 发送
protected void testPath(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("path1","path");
// req.getContextPath()得到的是工程路径
cookie.setPath(req.getContextPath()+"/abc");
resp.addCookie(cookie);
resp.getWriter().write("创建了一个带有path路径的Cookie");
}
7、Cookie练习--免输入用户名登录
login.jsp
<%--
Created by IntelliJ IDEA.
User: x2773
Date: 2021/11/22
Time: 14:55
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
${cookie}<br>
<%-- {key1=javax.servlet.http.Cookie@34f4fadc, Idea-98a77a05=javax.servlet.http.Cookie@6d4c4730, JSESSIONID=javax.servlet.http.Cookie@3c5519a4}--%>
${cookie.key1}<br>
<%-- javax.servlet.http.Cookie@34f4fadc 得到其中一个cookie--%>
${cookie.key1.value}<br>
<%-- value1 得到key1的value值--%>
<form action="loginServlet" method="get">
用户名:<input type="text" name="username" value="${cookie.username.value}"><br>
用户名:<input type="password" name="password"><br>
<input type="submit" value="登录">
</form>
</body>
</html>
LoginServlet
package com.guigu.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class LoginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username = req.getParameter("username");
String password = req.getParameter("password");
if("wzg168".equals(username) && "123456".equals(password)){
//登录成功
Cookie cookie = new Cookie("username",username);
Cookie cookie1 = new Cookie("password",password);
cookie.setMaxAge(60*60*24*7);//一周内有效
resp.addCookie(cookie);
resp.addCookie(cookie1);
resp.getWriter().write("登陆成功");
}else {
//登录失败
resp.getWriter().write("登陆失败");
}
}
}
web.xml
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.guigu.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/loginServlet</url-pattern>
</servlet-mapping>
结果
Session会话
1、什么是Session会话?
- Session是一个接口(HttpSession)
- Session是一个会话,它是用来维护一个客户端和服务器之间关联的一种技术
- 每个客户端都有自己的一个Session会话
- Session会话中,我们经常用来用户登录之后的信息
- Cookie是在客户端,Session会话是在服务器端
2、如何创建Session和获取(id号,是否为新)
如何创建和获取Session,它们的API是一样的
request.getSesson()
第一次调用是:创建Session会话
之后调用都是获取前面创建好的Session会话对象
isNew()
判断是不是刚创建出来的(新的)
true表示是刚创建
false表示获取之前的创建
每个会话都有一个身份证,也就是ID值,而且这个ID是唯一的
getId() 得到Session的会话id值
package com.guigu.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
public class SessionServlet extends BaseServlet{
protected void createOrGetSession(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//创建和获取Session会话对象
HttpSession session = req.getSession();
//判断当前Session会话,是否是新创建出来的
boolean isNew = session.isNew();
//获取会话的唯一标识
String id = session.getId();
resp.getWriter().write("新创建的Session,它的ID是:"+id+"<br/>");
resp.getWriter().write("新创建的Session它是否是新创建的:"+isNew);
}
}
3、Session域数据的存取
/**
* 往 Session 中保存数据
* @param req
* @param resp
* @throws ServletException
* @throws IOException
*/
protected void setAttribute(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.getSession().setAttribute("key1","value1");
resp.getWriter().write("已经往 Session 中存储了数据");
}
/**
* 获取 Session 中的数据
* @param req
* @param resp
* @throws ServletException
* @throws IOException
*/
protected void getAttribute(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Object attribute = req.getSession().getAttribute("key1");
resp.getWriter().write("从Session中获取到的key1的数据是:"+attribute);
}
4、Session生命周期控制
public void setMaxInactiveInterval(int interval)
设置Session的超时时间,超过指定的时长,Session就会被销毁,以秒为单位
public void getMaxInactiveInterval()
获取Session的超时时长
默认超时时长为 30分钟
正数,设置超时时长
负数,永不超时
设置马上超时,用到API:invalidate()
protected void defaultLife(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
int defaultTime = req.getSession().getMaxInactiveInterval();
resp.getWriter().write("默认的超时时长为:"+defaultTime+"秒");
}
protected void life3(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
session.setMaxInactiveInterval(3);
resp.getWriter().write("当前Session已经被设置超时时长为3秒");
}
protected void deleteNow(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
session.invalidate();
resp.getWriter().write("当前Session已经被设置超时时长为马上超时");
}
5、浏览器和服务器Session之间关联的技术内幕