Session与Cookie
用户会话
服务器无法识别每一次http请求来自哪,它只会接收到一个请求信号,就会出现一种问题:将用户的响应发送给别人。所以必须有一种技术来让服务器知道请求来自哪,它就是会话技术。
会话:服务器与客户端之间发生的一系列连续发生的请求和响应的过程,打开浏览器操作到关闭浏览器的全过程。
会话状态:指服务器和浏览器在会话过程中产生的状态信息;借助于回话状态,服务器能够将属于同一次会话的一系列请求和响应关联起来。
实现会话有两种方式:
-
session
-
cookie
session
属于同一次会话的请求都有一个相同的标识符,sessionID
</head> <body> <% String sessionid=session.getId(); %> <%=sessionid%> </body> </html>
session的常用方法:
String getID() 获取sessionID
void setMaxInactiveInterval(int Interval) 设置session失效时间,单位为秒
int getsetMaxInactiveInterva() 获取当前session失效时间,单位为秒
void invalidate() 设置session立即失效
void setAttribute(String key,Object value) 通过键值对的形式来存储数据
Object getAttribute(String key) 通过键值对的形式来得到数据
void removeAttribute(String key) 通过键值对的形式来删除数据
登录实例loginservlet.java
public class loginservlet extends HttpServlet { private String myusername=null; private String mypassword=null; @Override public void init(ServletConfig config) throws ServletException { myusername=config.getInitParameter("username"); mypassword=config.getInitParameter("password"); } @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String username=req.getParameter("username"); String password=req.getParameter("password"); if (username.equals(myusername)&&password.equals(mypassword)){ HttpSession session = req.getSession(); session.setAttribute("username",username); req.getRequestDispatcher("welcome.jsp").forward(req,resp); } else { resp.sendRedirect("login.jsp"); } } }
登录页面login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form action="login" method="post">
<table align="center">
<tr>
<td>用户名</td>
<td>
<input type="text" name="username" />
</td>
</tr>
<tr>
<td>密码</td>
<td>
<input type="password" name="password"/>
</td>
</tr>
<tr>
<td>
<input type="submit" value="登录">
</td>
<td>
<input type="reset" value="重置">
</td>
</tr>
</table>
</form>
</body>
</html>
welcome.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<h1>欢迎回来!!</h1>
<%=session.getAttribute("username")%><a href="logout">退出登录</a>
</body>
</html>
注销实例logoutservlet.java
@WebServlet("/logout")
public class logoutservlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
session.invalidate();
resp.sendRedirect("login.jsp");
}
}
web.xml
<servlet>
<servlet-name>login</servlet-name>
<servlet-class>ljx.loginservlet</servlet-class>
<init-param>
<param-name>username</param-name>
<param-value>admin</param-value>
</init-param>
<init-param>
<param-name>password</param-name>
<param-value>123456</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>login</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
Cookie
Cookie是服务器在http响应中附带给浏览器的一个小文本文件,一旦浏览器保存了这个cookie,在之后的请求和响应中,会将此cookie来回传递,这样就可以通过cookie这个载体完成客户端和服务器的数据交互。
-
cookie的创建
Cookie cookie = new Cookie("name", "tom"); response.addCookie(cookie);
-
cookie的读取
Cookie[] cookie=request.getCookies(); for(Cookie cookie1:cookie){ out.write(cookie1.getName()+":"+cookie1.getValue()+"<br/>"); }
-
cookie的常用方法
void setMaxAge(int age) 设置cookie有效时间,单位为秒
int getMaxAge() 获取cookie有效时间
String getName 获取cookie的name
String getvalue() 获取cookie的value
cookie的应用实例
登录实例login_cookie.java
@WebServlet("/login_cookie")
public class login_cookie extends HttpServlet {
private String myusername="admin";
private String mypassword="123456";
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username=req.getParameter("username");
String password=req.getParameter("password");
if (username.equals(myusername)&&password.equals(mypassword)){
Cookie cookie = new Cookie("name", username);
cookie.setMaxAge(60*60*24*7);//有效期为一周
resp.addCookie(cookie);
req.getRequestDispatcher("welcome_cookie.jsp").forward(req,resp);
}
else{
resp.sendRedirect("logincookie.jsp");
}
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
}
}
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form action="login_cookie" method="post">
<table align="center">
<tr>
<td>用户名</td>
<td>
<input type="text" name="username" />
</td>
</tr>
<tr>
<td>密码</td>
<td>
<input type="password" name="password"/>
</td>
</tr>
<tr>
<td>
<input type="submit" value="登录">
</td>
<td>
<input type="reset" value="重置">
</td>
</tr>
</table>
</form>
</body>
</html>
注销实例logout_cookie.java
package ljx; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @WebServlet("/ppt") public class logout_cookie extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { Cookie[] cookies=req.getCookies(); for(Cookie cookie1:cookies){ if(cookie1.getName().equals("name")){ cookie1.setMaxAge(0); resp.sendRedirect("logincookie.jsp"); } } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { } }
welcome_cookie.jsp界面
<%-- Created by IntelliJ IDEA. User: 86136 Date: 2022/3/16 Time: 19:16 To change this template use File | Settings | File Templates. --%> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>Title</title> </head> <body> <% Cookie[] cookies=request.getCookies(); for(Cookie cookie1:cookies){ if(cookie1.getName().equals("name")){ out.write("欢迎回来!"+cookie1.getValue()+"<br/>"); } } %> <a href="ppt">退出登录</a> </body> </html>
cookie和session的区别
-
session是保存在服务器的
保存的数据是object
会随着会话的结束而结束
保存重要信息
-
cookie是保存在里浏览器的
保存的数据是String
不会随着会话的结束而结束,可以长期保存
保存不重要信息
存储用户信息:
-
存: session:setAttributelname"admin"
-
取:getAttribute("name")
-
生命周期:
服务端:只要WEB应用重启就销器。
客户端:只要测览器关闭就销毁。
-
退出登录: sessioninvalidate()
-
存: cookie:response.addCookie(new Cookie(name,"admin"))
-
生命周期:不随服务端的重启而销毁。客户端:默认是只要关闭浏览器就销败。我们通过setMaxAge)方法设置有效期,一旦设置了有效期。则不随浏览器的关闭看销毁,而是由说置的时间来决定。
-
退出登录:
