Session
- 概念:服务器端会话技术,在一次对话的多次请求间共享数据,将数据保存在服务器端的对象中。HttpSession
- 快速入门:
- 获取Session对象
* HttpSession session=request.getSession();
- 使用HttpSession对象:
* Object getAttribute(String name)
* void setArrtibute(String name,Object value)
* void removeAttribute(String name)
- 原理
* Session的实现是依赖于Cookie的
- 细节
1. 当客户端关闭后,服务器不关闭,两次获取的session是否为同一个
- 默认情况下,不是
- 如果需要相同,则可以创建Cookie。键为JSESSIONID,设置最大存活时间,让cookie持久化保存
- Cookie c=new Cookie("JSESSIONID",session.getId());
- c.setMaxAge(60*60);
- response.addCookie(c);
2. 客户端不关闭,服务器关闭后,两次获取的session是同一个吗?
* 不是同一个,但是要确保数据不丢失
* session的钝化
* 在服务器正常关闭之前,将session对象系列化到硬盘上
* session的活化
* 在服务器启动后,将session文件转化为内存中的session对象即可
3. session的失效时间
1. 服务器关闭
2. session对象调用invalidate()
3. session默认失效时间 30分钟
* 选择性配置修改 <session-config><session-timeout>30</session-timeout></session-config>
- session的特点
1. session用于存储一次会话的多次请求的数据,存在服务器端
2. session可以存储任意类型,任意大小的数据
* session与cookie的区别
- session存储数据在服务器端,Cookie在客户端
- session没有数据大小限制,Cookie有
- session数据安全,Cookie相对于不安全
Session使用
创建Session对象,存储Session对象
package cn.itcast.session;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet("/SessionDemo1")
public class SessionDemo1 extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//使用session共享数据
// 1.获取session
HttpSession session=request.getSession();
// 2.存储数据
session.setAttribute("msg","hello session");
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request, response);
}
}
获取session
package cn.itcast.session;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet("/SessionDemo2")
public class SessionDemo2 extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//使用session共享数据
// 1.获取session
HttpSession session=request.getSession();
// 2.获取数据
Object msg=session.getAttribute("msg");
System.out.println(msg);
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request, response);
}
}
session的保存,是在服务器上
package cn.itcast.session;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.*;
import java.io.IOException;
@WebServlet("/SessionDemo3")
public class SessionDemo3 extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// 1.获取session
HttpSession session=request.getSession();
System.out.println(session);
//期待客户端关闭后,session也能相同
Cookie c=new Cookie("JSESSIONID",session.getId());
c.setMaxAge(60*60);
response.addCookie(c);
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request, response);
}
}