客户端会话技术cookie,session
会话概念
客户端和服务端建立连接后多次请求和响应,直到其中一方断开连接被称为一次会话
客户端会话技术:cookie 服务器端会话技术:session
- 服务端给客户端一个cookie,客户端下次访问服务端带上cookie
- 服务器通过seesion登记客户相关访问信息,下次访问即可直接获取客户相关信息
cookie
- 从请求中获取到cookie信息
- 服务器响应给客户端cookie
- cookie一般会保存在本地的 用户目录 下appdata
- 一个cookie只能以键值对形式保存一个信息
- 一个web服务器可以给浏览器发送多个cookie,最多存放20个
- cookie大小限制4kb
- 浏览器上限为300个cookie
删除cookie:
- 不设置有效期,关闭浏览器时自动失效
- 设置有效期为0,存放后立即失效
// 获得cookie
Cookie[] cookies = req.getCookies();
// 获得cookie中的key
cookie.getName()
// 获得cookie中的value
cookie.getValue()
// 新建一个cookie
Cookie password = new Cookie("password", "123456");
// 设置cookie的有效期
cookie.setMaxAge(24*60*60);
// 响应给客户端一个cookie
resp.addCookie(password);
package com.lmy;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URLDecoder;
import java.net.URLEncoder;
/**
* @author : liu ming yong
* @date : 2022/10/6 下午 1:06
* @description : 客户端会话技术cookie
*/
public class MyCookie extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.setCharacterEncoding("GBK");
resp.setCharacterEncoding("GBK");
PrintWriter writer = resp.getWriter();
Cookie[] cookies = req.getCookies();
if (cookies!=null) {
for (Cookie cookie : cookies) {
if ("userName".equals(cookie.getName())) {
writer.print(URLDecoder.decode("你已经成功登录了:"+cookie.getValue(),"UTF-8"));
break;
} else {
writer.print(URLDecoder.decode("欢迎首次访问,注入登录信息","UTF-8"));
Cookie userNameCookie = new Cookie("userName", URLEncoder.encode("刘明勇","UTF-8"));
resp.addCookie(userNameCookie);
Cookie password = new Cookie("password", "123456");
resp.addCookie(password);
}
}
} else {
writer.print(URLDecoder.decode("欢迎首次访问,注入登录信息","UTF-8"));
Cookie userNameCookie = new Cookie("userName", URLEncoder.encode("刘明勇","UTF-8"));
resp.addCookie(userNameCookie);
Cookie password = new Cookie("password", "123456");
resp.addCookie(password);
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
session(重点)
什么是session?
- 服务器会给每一个用户(浏览器)创建一个session对象
- 只要浏览器没关闭且未手动注销session,这个session就存在
- 每一个session有一个唯一标识sessionId,这个标识用cookie进行保存
package com.lmy;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import java.io.IOException;
/**
* @author : liu ming yong
* @date : 2022/10/7 下午 1:46
* @description : 客户端会话技术session
*/
public class MySession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// 设置字符编码
req.setCharacterEncoding("UTF-8");
resp.setCharacterEncoding("UTF-8");
resp.setContentType("text/html;charset:utf-8");
// 获取session
HttpSession session = req.getSession();
// session中存数据
session.setAttribute("name","张三");
// 获取sessionId
String id = session.getId();
// 判断sessionId是否新创建
boolean aNew = session.isNew();
if (aNew) {
resp.getWriter().write("你新创建了一个session:"+id);
} else {
resp.getWriter().write("session已经存在了:"+id);
}
// 在创建session时服务器将唯一标识sessionId保存进cookie中响应给了浏览器,在下次请求时cookie又带上sessionId
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
package com.lmy;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author : liu ming yong
* @date : 2022/10/7 下午 2:07
* @description : session获取内容
*/
public class MySession2 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// 设置字符编码
req.setCharacterEncoding("UTF-8");
resp.setCharacterEncoding("UTF-8");
resp.setContentType("text/html;charset:utf-8");
// 获取session
HttpSession session = req.getSession();
// session中获取保存的数据
String name = (String) session.getAttribute("name");
resp.getWriter().write("name:"+name);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
package com.lmy;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author : liu ming yong
* @date : 2022/10/7 下午 4:17
* @description : 移除和注销session
*/
public class MySession3 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
// 移除保存在session中的值
session.removeAttribute("name");
// 手动注销session
session.invalidate();
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0"
metadata-complete="true">
<servlet>
<servlet-name>cookie</servlet-name>
<servlet-class>com.lmy.MyCookie</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>cookie</servlet-name>
<url-pattern>/cookie</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>session</servlet-name>
<servlet-class>com.lmy.MySession</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>session</servlet-name>
<url-pattern>/session</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>session2</servlet-name>
<servlet-class>com.lmy.MySession2</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>session2</servlet-name>
<url-pattern>/session2</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>session3</servlet-name>
<servlet-class>com.lmy.MySession3</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>session3</servlet-name>
<url-pattern>/session3</url-pattern>
</servlet-mapping>
<session-config>
<!--设置session过期时间,单位/分钟-->
<session-timeout>1</session-timeout>
</session-config>
</web-app>
session和cookie的区别
- cookie是把用户的数据响应给客户端(浏览器),浏览器保存
- session是把用户的数据保存到用户独占的session中,服务器端保存
- session对象由服务创建
使用场景
- 保存登录用户信息
- 在网站中经常会使用的数据