Shulou(Shulou.com)06/02 Report--

This article mainly explains "how to learn and master session and cookie". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to learn and master session and cookie".

1. Session and cookie study 1.1. Demand for technology

Take JD.com adding a shopping cart when he is not logged in as an example. Shopping on JD.com (not logged in) can be added to the shopping cart. At this time, there is a question: how does JD.com store the shopping cart items you added when you are not logged in? We must think of domain objects, request, ServletContext domain objects.

There is a problem with the request object: request is requested once, generated once, and will be released if the request continues, which means that request has one, which is in this request. This feature obviously doesn't work, because if you add an item to the shopping cart and then add another item, this is the second request, and the first request will be overwritten. Therefore, it is not feasible to add a shopping cart with a request domain object.

ServletContext domain object, this is also a problem, this object is global, no matter who adds the shopping cart, will be together, when paying the bill will find that you will pay the owner to add the shopping cart, which is obviously not desirable.

Our need is that when we add an item to the shopping cart, we can add it multiple times. That is to say, the server creates a personal space for us, which leads to another domain object, session object.

1.2. Conversational skills learning

Conversation technology: the whole process from opening a browser to visiting a site to closing the browser becomes a session. Session technology is to record the status and data of the client in this session.

There are two kinds of conversation technologies: cookie and session. Cookie, the data is stored locally on the client side, reducing the storage pressure on the server, the security is not good, the client can clear the cookie. Session stores data to the server, which is highly secure, but increases the pressure on the server.

1.3. Cookie technology learning

How does the server write a cookie to the client

How does the server get the cookie carried by the client?

1.3.1. Server sends a cookie to client

Create a cookie object

1Cookie cookie=new Cookie (String name,String Value)

Set the persistence time for cookie-the time for cookie information to be saved on the hard disk, which will be automatically deleted by cookie. If you do not set this cookie, it will be stored in memory, and the closed browser cookie information will be cleared.

1cookie.setMaxAge (60 / 10); / / 10 minutes

Set the cookie carrying path. If it is not set, each visit will carry the cookie of all websites, which will affect the browser speed.

1cookie.setPath (String path); 1cookie.setPath ("/ WEB16/sendCookie"); / / carry this cookie1cookie.setPath ("/ WEB16") only when accessing sendCookie resources; / / all resources under WEB16 can carry cookie.

If the carrying path is not set, the cookie information will carry the cookie information in the path where the web resource that generated the cookie is accessed.

Send cookie to client

1response.addCookie (Cookie cookie); 1.3.2. Get cookie from the client

Get the cookie data carried by the client, through the getCookies () method

1Cookies [] cookies=request.getCookies ()

Iterate through the array and use the equals () method to get the desired cookies

1if (cookies are null) {/ / use the array to determine that null can be 2 for (Cookie cookie:cookies) {3 String cookieName=cookie.getName (); 4 if (cookieName.equals ("name")) {5 String cookieValue=cookie.getValue (); 6 System.out.println (cookieValue); 7} 8} 9} 1.4. Case study-obtain the last browsing time 1.4.1 through Cookie. Write the last browse time to cookie

Get the current time and format the time

1Date date = new Date (); 2SimpleDateFormat format=new SimpleDataFormat ("yyyy-MM-dd hh:mm:ss"); 3String currentTime=format.format (date); / / format the current time

Create a cookie to record the latest access time

1Cookie cookie=new Cookie ("lastAccessTime", currentTime); 2cookie.setMaxAge (60 to 10500); / / set the time-to-exist of cookie 3response.addConkie (cookie); / / persist cookie

Get cookie---lastAccessTime from the client

1String lastAccessTime=null; 2 get cookie 3Cookie from request [] cookies=request.getCookies (); 4if (cookies are empty null) {5 for (Cookie coo:cookies) {6 if ("lastAccessTime" .equals (coo.getName () {7 lastAccessTime=coo.getValue (); 8} 9} 10}

To judge whether it is the first time to ask.

1response.setContextType ("text/html,charset=UTF-8"); 2if (lastAccessTime==null) {3 response.getWriter (). Write ("you are visiting for the first time"); 4} else {5 response.getWriter (). Write ("the time you last visited:" + lastAccessTime); 6} 1.5. Session technology 1.5.1. The realization principle of session Technology

Session technology is to store data on the server. The problem is how to know that the data stored on the server is the data you store.

Thus it can be seen that session technology is based on cookie technology to store session numbers-JSESSISION.

Create a session zone for the server that belongs to a client

Access data to the session area

1.5.2. Create a session session

Session belongs to the private session zone of the client. The request.getSession () method automatically determines whether the client already has a session on the server. If the client does not have a session on the server, a new session object will be created. If the client already exists, the session will session.

1HttpSession session=request.getSession (); 2String id=session.getId (); 3response.getWriter (). Write ("JESSIONID:" + id); / / print to the browser.

Assign a value to the session field

1session.setAttribute ("name", "jerry"); 1.5.3. Face-to-face examination questions on session conversation Technology

The difference between redirection and forwarding:

Redirect the request twice and forward the request once.

Declaration cycle of the session session

Create: created the first time request.getSession () is executed. (when the server executes to request.getSession (), it will check whether the cookie has a sessionId, get it if it does, and create one if it doesn't.)

Destroy: 1) when the server is shut down. 2) session expiration (default is 30 minutes) can be configured in web.xml.

Manual destruction: session.invalidate ()

Scope: by default, in a session, that is, any resource shares a session object in a session.

When the browser is closed, session is destroyed?

No, the session domain is on the server and has nothing to do with the client. It is destroyed in 30 minutes by default.

1.5.4. Persistence Technology of session

Why should session be persisted?

For example, start a browser, set the parameters, close the browser, restart, these parameters are lost again. Isn't that troublesome? Just like Baidu, which is not logged in, it sets the parameter that the browsing history is not visible. After setting it, it can ensure that the browsing record will not be seen by Baidu for a certain period of time, but after a period of time, the browsing record appears again. I think this uses the technology of session persistence. In addition, the verification of the verification code also needs to use the session technology, because it is stored in the request domain and will be lost once the verification is requested. If it is stored in the ServletContext () domain, it will become a global object, and the entire CAPTCHA for logging on to the site will be loaded, which is not in line with the technical specification, so the session domain is the appropriate domain.

How does session persist?

Session persistence is implemented by cookie. First of all, you need to enable cookie to store the id number of session for a long time, then you need to set the storage time of cookie, because cookie can store for longer, and closing the browser will not immediately disappear, so you can retrieve the cookie.

1String id=session.getId () / get session id2Cookie cookie=new Cookie ("JSESSIONID", id); / / create a cookie, in which thank you for reading, the above is "how to learn and master session and cookie" content, after the study of this article, I believe you have a deeper understanding of how to learn and master session and cookie this problem, the specific use of the situation also needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.