会话技术介绍
-
为什么?
-
ServeltRequest域对象的共享范围太小了;
-
ServletContext域对象的共享范围太大了。
-
-
概述
-
当打开浏览器,访问网站地址后,会话开始,当关闭浏览器(或 者到了过期时间),会话结束。
-
-
分类
-
Cookie : 浏览器端的会话技术
-
数据保存在浏览器
-
-
Session : 服务器端的会话技术
-
数据保存在服务器
-
-
-
作用
-
在一次会话中,存储数据并实现共享。
-
Cookie概述:
-
-
Cookie对象,用于携带少量数据通过Servlet发送给浏览器,并且保存在浏览器,随后发送回服务器,所以往往用于会话管理;
-
Cookie对象,有必须属性name和value,还有一些可选属性path、a maximum age,不同的浏览器对可选属性的支持不太一样;
-
服务器发送Cookie给浏览器,是通过HttpServletResponse.addCookie操作响应头Set-Cookie来完成;
-
浏览器,同一时间,每个项目最多20个Cookie,总共300个Cookie,每个Cookie中的数据最多4KB;
-
浏览器发送Cookie给服务器,服务器是通过 HttpServletRequest.getCookies操作请求头Cookie来获取。
-
-
常用属性
-
name、value、path、a maximum age
-
Cookie基本使用:
/**
* 03-Cookie基本使用
* ①创建Cookie,并将其发送给浏览器保存
*/
@WebServlet("/demo01")
public class Demo01Servlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("msg","hello");
//操作响应头Set-Cookie
resp.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
/**
* 03-Cookie基本使用
* ②获取浏览器发送过来的cookie
*/
@WebServlet("/demo02")
public class Demo02Servlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取浏览器发送过来的Cookie,通过请求头Cookie来获取
Cookie[] cookies = req.getCookies();
Cookie myCookie = null;
if (null == cookies || 0 == cookies.length) {
} else {
for (Cookie cookie : cookies) {
if ("msg".equals(cookie.getName())) {
myCookie = cookie;
}
}
}
if (null == myCookie) {
System.out.println("没有找到cookie");
} else {
System.out.println("name = " + myCookie.getName() + " , value = " + myCookie.getValue());
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
Cooki执行流程
Cookie相关配置
-
①值限制
-
Cookie 的值不能包含逗号、分号、空格,不能以$开头。
-
-
②存活时长限制
-
-1 : 默认值,会话结束,Cookie就销毁
-
正数:Cookie存活时长,以秒为单位
-
0 : 立即销毁Cookie
-
-
③访问路径限制
-
默认值:"/项目访问路径";设置什么时候需要携带Cookie
-
@WebServlet("/demo03")
public class Demo03Servlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("msg2","hello,2");//错误示范
resp.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
/**
* 05-Cookie相关设置
* ②存活时长限制
*/
@WebServlet("/demo04")
public class Demo04Servlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("msg3", "hello3");
cookie.setMaxAge(7 * 24 * 60 * 60);
resp.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
/**
* 05-Cookie相关设置
* ③访问路径限制
*/
@WebServlet("/demo05")
public class Demo05Servlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("msg4", "hello4");
cookie.setPath(req.getContextPath() + "/demo02");
resp.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
Cooki的销毁:
开发步骤
-
①创建Cookie对象
-
指定name属性
-
-
②设置path属性
-
③设置maxAge=0
-
④将Cookie响应给浏览器
/**
* 06-Cookie的销毁
*/
@WebServlet("/demo06")
public class Demo06Servlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//①创建Cookie对象
Cookie cookie = new Cookie("msg4", "aaa");
//②设置path属性
cookie.setPath("/day08/myDemo02");
//③设置maxAge=0
cookie.setMaxAge(0);
//④将Cookie响应给浏览器
response.addCookie(cookie);
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
Session介绍
-
-
Session对象,提供了一种方式可以在多个web页面之间实现存储数据并共享。
-
只不过在客户端保存的是一个特殊标识,而共享的数据保存到了服务器端的内存对象中。每次请求 时,浏览器都会将特殊标识携带到服务器端,根据这个标识来找到对应的内存空间,从而实现共享。
-
-
三大域对象
-
ServletRequest、HttpSesion、ServletContext
-
Session基本使用:
@WebServlet("/demo07")
public class Demo07Servlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
System.out.println("Demo07Servlet session = " + session.getId());
session.setAttribute("msg","hello");
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
@WebServlet("/demo08")
public class Demo08Servlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
System.out.println("Demo08Servlet session = " + session.getId());
Object msg = session.getAttribute("msg");
System.out.println("msg = " + msg);
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
@WebServlet("/demo09")
public class Demo09Servlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
System.out.println("Demo09Servlet session = " + session.getId());
session.removeAttribute("msg");
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
Session执行流程
Session相关配置
-
①生命周期
-
默认情况下,Session对象存活时长为30分钟;
-
可以通过在web.xml中,设置<session-config>来对session存活时长进行配置;
-
也可以通过session.setMaxInactiveInterval()进行配置
-
-
②session销毁
-
通过session.invalidate()方法进行销毁
-
生命周期
<session-config>
<session-timeout>1</session-timeout>
</session-config>
@WebServlet("/demo10")
public class Demo10Servlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
session.setMaxInactiveInterval(10);
System.out.println("Demo10Servlet session = " + session.getId());
session.setAttribute("msg","hello");
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
销毁
@WebServlet("/demo14")
public class Demo14Servlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
System.out.println("Demo14Servlet session = " + session.getId());
session.invalidate();
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
注意事项
-
当用户关闭浏览器,并没有销毁服务器中的Sesion对象,它会遵守web.xml中30分钟的默认存活时长;
-
但是,浏览器中的Cookie销毁了,意味着JSESSIONID没有了,意味着后续的请求,服务器认为是一个新的会话,所以会创建新的Session对象。