Shulou(Shulou.com)06/02 Report--

This article will explain in detail what are the basics of session, and the content of the article is of high quality, so the editor will share it with you for reference. I hope you will have a certain understanding of the relevant knowledge after reading this article.

Introduction to session

Cookie was mentioned earlier, but cookie is saved in the client browser. If sensitive information is saved using cookie, it will cause security risks, so cookie is not suitable in some scenarios, and you can use session in this case.

Session technology is also used to save some important information of the user in the request, but the difference between session technology and cookie is that session is for the user's request, create an object on the server side, and then save the important data in the user's request in the object created by the server side. (sesion is saved in the server) so only the user does not close the browser, and the user accesses any page of the face-to-face website through the current browser, and the server will always use the current session to record data, so the session can be used as a container for the current user (browser) to store the data that needs to be shared on different pages.

In the web project, the server can create a session object (session object) for each user browser. By default, a browser monopolizes a session object, so when you need to protect user data, the server program can unload the user data to the session exclusive to the user browser. When the user accesses other programs using the browser, other programs can take the user's data from the user's session.

Three domain objects

Session is a domain object, and the so-called domain can be understood as a container with a boundary. Since it is a container, it can store things. Here, it stores data. Since there is a boundary, the data here is effective in a certain range. Let's compare the three domain objects in the web project:

ServletContext: represents the entire project, and the data stored in it can be used in any program of the current project

HttpServletRequest: represents the current request. When forwarding (because the forwarding is the same request, but the redirection is not), the data stored in the current request can be transferred to the next servlet or jsp for processing.

HttpSession: represents the container in which the user (browser) performs a series of operations on the current server, and data can be shared within each current user (browser).

A scene commonly used by session

After the login is successful, the login information is put into session, and then after the user operates other pages, the user's information can be displayed.

Get session object

You can get session through the HttpServletRequest object, and there are two ways to get it

Request.getSession ()

If the sesion does not exist, it is created

If session already exists, the current session object is returned

Request.getSession (boolean)

If the session object exists, the sesion object in the face is returned.

The session object does not exist and does not create a session, but returns a null

The effect of the parameter true is the same as that of the getSession () method.

Parameter is false

JsessionId

Each user can have their own session information, so how does the server identify each user's session object? In fact, because the server sends a cookie message with a key of JSEESSIONID for each user, the user will bring the cookie to the server when operating, so that the server can identify the session object for the current JSESSIONID.

Session cannot be used after the browser is closed

When the server responds to the data to the client, it sends the jsessionId of the session object to the browser as the key value of cookie. The cookie is session-level (temporary). The cookie can only exist while the browser is running. If the browser is closed, the information of cookie will be lost. When the browser is opened again, the server will no longer obtain the jsessionid information of the current user, and the session container for the current user cannot be found. So session is not available after the browser is closed.

What is the basis of session to share here, I hope that the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.