会话管理基本原理
会话管理的背景:HTTP协议是无状态的,服务器不会记得多次请求之间的关系,但是有些功能需要多次请求来完成
Cookie
cookie是一种将会话信息保存在浏览器中, 进行管理
package servlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet("/index.do")
public class index extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie[] cookies = req.getCookies();
for (Cookie cookie :
cookies) {
String name = cookie.getName();
String value = cookie.getValue();
if ("zzp".equals(name) && "123456".equals(value)) {
req.setAttribute(name, value);
req.getRequestDispatcher("/user.view")
.forward(req, resp);
return;
}
}
resp.sendRedirect("/html/login.html");
}
}
package servlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet("login.do")
public class Login extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String user = req.getParameter("name");
String passwd = req.getParameter("passwd");
if ("123456".equals(passwd) && user.equals("zzp")){
String login = req.getParameter("auto");
if ("auto".equals(login)){
Cookie cookie = new Cookie("zzp" , "123456");
cookie.setMaxAge(24*60*60);
resp.addCookie(cookie);
}
req.setAttribute("user" ,user);
req.getRequestDispatcher("/user.view")
.forward(req,resp);
}
else{
resp.sendRedirect("/html/login.html");
}
}
}
package servlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
@WebServlet("/user.view")
public class User extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
if (req.getAttribute("user") == null){
resp.sendRedirect("/html/login.html");
}
PrintWriter printWriter = resp.getWriter();
printWriter.print(req.getAttribute("user"));
printWriter.println("已经登录");
}
}
HttpSession
Session进行会话管理的原理是在服务器上储存客户端的信息
package servlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
public class see extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String user = req.getParameter("user");
String passwd = req.getParameter("passwd");
req.getSession().setAttribute("login" , user);
}
}
package servlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
public class uu extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
}
}
原理
当运行 request 的getSession()时,web容器创建HttpSession对象,这个Session会默认存放在Cookie
中。
每次请求来到时,容器会根据发送过来的Session ID来取得对应的HttpSession