5-1 会话技术概述
会话技术:
从打开一个浏览器访问某个站点,到关闭这个浏览器的整个过程,成为一次会话,会话技术就是记录这次会话中客户端的状态与数据的。
会话分类:
会话技术分为Cookie和Session:
- Cookie:数据存储在客户端本地,减少服务器的存储的压力,安全性不好,客户端可以清除cookie
- Session:将数据存储到服务器端,安全性相对好,增加服务器的压力
5-2 Cookie的会话流程
Cookie简介:
Cookie:数据存储在客户端本地,减少服务器端的存储压力,安全性不好,客户端可以清除cookie
Cookie技术是将用户的数据存储到客户端的技术,分两方面学习:
- 服务器端怎样将一个Cookie发送到客户端
- 服务器端怎样接收客户端携带的Cookie
5-3 Cookie的创建与发送
服务器端向客户端发送一个Cookie:
1.创建Cookie:
Cookie cookie=new Cookie(String cookieName,String cookieValue);
注意:
Cookie中不能存储中文
2.向客户端发送cookie:
response.addCookie(Cookie cookie);
package net_zixue.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
@WebServlet(name = "CookieServlet", urlPatterns = "/cookie")
public class CookieServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Cookie cookie=new Cookie("goods","cup");//不能使用中文
cookie.setMaxAge(0);
cookie.setPath("/hello/getCookie");
Cookie cookie1=new Cookie("userName","xiaoming");
response.addCookie(cookie);
response.addCookie(cookie1);
}
}
5-4 Cookie的常见API
设置Cookie在客户端持久化时间:
cookie.setMaxAge(int seconds):-------时间秒
注意:如果不设置持久化时间,cookie会存储在浏览器的内存中,浏览器关闭cookie信息销毁(会话级别的cookie),如果设置持久化时间,cookie信息会被持久化到浏览器的磁盘文件里。
设置Cookie的携带路径:
cookie.setPath(String path);
注意:如果不设置携带路径,那么该cookie信息会在访问产生该cookie的web资源所在的路径都携带cookie信息
向客户端发送cookie:
response.addCookie(Cookie cookie);
删除客户端的cookie:
如果想删除客户端的已经存储的cookie信息,那么就使用同名同路径的持久化时间为0的cookie进行覆盖即可。
package net_zixue.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
@WebServlet(name = "GetCookieServlet",urlPatterns = "/getCookie")
public class GetCookieServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Cookie[] cookies = request.getCookies();
for (Cookie cookie : cookies) {
String name = cookie.getName();
if (name.equals("userName")){
String cookieValue = cookie.getValue();
response.getWriter().write("userName:"+cookieValue);
}
}
}
}
5-5 获取Cookie
服务器端怎么接受客户端携带的Coolie?
cookie信息是以请求头的方式发送到服务器端的。
1.通过request获得所有的Cookie:
Cookie[] cookies = request.getCookies();
2.遍历Cookie数组,通过Cookie的名称获得我们想要的Cookie
for(Cookie cookie : cookies){
if(cookie.getName().equal(cookieName){
String cookieValue = cookie.getValue();
}
}
5-6 实验6-记录网站上一次访问时间
package net_zixue.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.Date;
@WebServlet(name = "TimeServlet", urlPatterns = "/time")
public class TimeServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//记录访问时间并其通过cookie加入到响应头
Date date = new Date();
SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMdd-hh:mm:ss");
String time = simpleDateFormat.format(date);
Cookie cookie = new Cookie("time", time);
cookie.setMaxAge(60*60*24);
response.addCookie(cookie);
response.setContentType("text/html;charset=utf-8");
//获取客户端浏览器发送过来的cookie数据
Cookie[] cookies = request.getCookies();
String timeValue = null;
for (Cookie cookie1 : cookies) {
if (cookie1.getName().equals("time")) {
timeValue = cookie1.getValue();
}
}
if (timeValue == null) {
response.getWriter().write("欢迎您访问我们的网站");
} else {
response.getWriter().write("您上次访问网站的时间是:" + timeValue);
}
}
}
5-7 Session的会话流程
Session技术是将数据存储在服务器端的技术,会为每个客户端都创建一块内存空间存储客户的数据,但客户端需要每次都携带一个标识于Cookie,Session需要借助于Cookie存储客户的唯一性标识JSESSIONID
注意点:在Session这我们需要学习如下三个问题:
怎样获得属于本客户端session对象(内存区域)?
怎样向session中存储数据(session也是一个域对象)?
session对象的生命周期
5-8 Session对象的创建与获取
获得Session对象:
HttpSession session = request.getSession();
此方法会获得专属于当前会话的Session对象,如果服务器端没有该会话的Session对象会创建一个新的Session返回,如果已经有了属于该会话的Session直接将已有的Session返回(实质就是根据JSESSIONID判断客户端是否在服务器上已经存在session了)
package net_zixue.session;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
@WebServlet(name = "SessionServlet",urlPatterns = "/session")
public class SessionServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//第一次访问时没有session,服务器会自动创建一个session对象
//之后再次访问的时候已经存在了session对象,这个直接获取这个对象
HttpSession session = request.getSession();
String sessionId = session.getId();
response.getWriter().write("JESSIONID="+sessionId);
}
}
5.9 使用Session域对象存储数据
怎样向Session中存储数据(session也是一个域对象):
Session也是存储数据的区域对象,所以session对象也具有如下三个方法:
session.setAttribute(String name,Object obj);
session.getAttribute(String name);
session.removeAttribute(String name);
Session对象的生命周期:
创建:
第一次执行request.getSession()时创建
销毁:
- 服务器(非正常)关闭时
- session过期/失效(默认30分钟)
问题:时间的起算点,从何时开始计算30分钟?
从不操作服务器端的资源开始计时
可以在工程的web.xml中进行配置
<session-config>
<session-timeout>10</session-timeout>
</session-config>
package net_zixue.session;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
@WebServlet(name = "SaveSessionServlet",urlPatterns = "/save")
public class SaveSessionServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
//创建一个cookie覆盖之前服务器自动生成的JSESSIONID
Cookie cookie = new Cookie("JSESSIONID", session.getId());
//设置持久化时间
cookie.setMaxAge(60*60);
response.addCookie(cookie);
session.setAttribute("goods","cup");
}
}
package net_zixue.session;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
@WebServlet(name = "GetSessionServlet",urlPatterns = "/getSession")
public class GetSessionServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//获取session
HttpSession session = request.getSession();
String goods = (String) session.getAttribute("goods");
response.getWriter().write(goods+"");
}
}
5.10 Session的生命周期
5.11 Session持久化
Session持久化:
由于Session的创建和获取是取决于Cookie中的JESSIONID决定的,所以如果Cookie被清除了,服务器就无法找到对应的Session了,因此如果想要持久化Session就必须对Cookie中的JESSIONID进行持久化。
package net_zixue.session;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
@WebServlet(name = "SaveSessionServlet",urlPatterns = "/save")
public class SaveSessionServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
//创建一个cookie覆盖之前服务器自动生成的JSESSIONID
Cookie cookie = new Cookie("JSESSIONID", session.getId());
//设置持久化时间
cookie.setMaxAge(60*60);
response.addCookie(cookie);
session.setAttribute("goods","cup");
}
}
5.12 实验7-购物车简单应用
package net_zixue.session;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
@WebServlet(name = "AddCartServlet",urlPatterns = "/addCart")
public class AddCartServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//1 获取到商品的信息
String name = request.getParameter("name");
// 2 需要保存商品信息到session
HttpSession session = request.getSession();
List list = (List) session.getAttribute("list");
//第一次访问的时候list不存在,需要创建一个list
if (list==null){
list=new ArrayList();
}
list.add(name);
session.setAttribute("list",list);
// session的持久化操作
Cookie cookie = new Cookie("JSESSIONID", session.getId());
cookie.setMaxAge(60*60*24);
cookie.setPath("/hello");
response.addCookie(cookie);
}
}
package net_zixue.session;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.util.List;
@WebServlet(name = "GetCartServlet",urlPatterns = "/getCart")
public class GetCartServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
List<String> list= (List<String>) session.getAttribute("list");
response.setContentType("text/html;charset=utf-8");
for (String s : list) {
response.getWriter().write(s+"<br/>");
}
}
}
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<center>
<h1>商品列表</h1>
<a href="/hello/addCart?name=杯子">杯子</a><br>
<a href="/hello/addCart?name=书包">书包</a><br>
<a href="/hello/addCart?name=笔记本">笔记本</a><br>
</center>
</body>
</html>