为了保证客户端用户唯一性 使用session 管理用户
Session基于Cookie技术,Session保存在服务器端(一般会设置有效期),SessionID保存在客户端.Session里面保存!!若干个!!!"键-值"对,可以通过 void setAttribute(java.lang.String name, java.lang.Object value) 来修改/添加
HttpSession session = request.getSession();
session.setAttribute("abc",new Integer(567));//新增属性 键:abc 值:new Integer(567)
session.setAttribute("jkl",new Person());//新增属性 键:jkl 值:new Person()
session.setAttribute("abc",new Double(5.67));//已经存在 键abc,将会修改该键对应的值
Session本质上也是一组"键-值"对 其中的"键"保存在客户端(钥匙)是字符串 其中的"值"保存在服务器端(保险箱)可以是Object类型
sessionID与session的关系:钥匙与银行保险箱 钥匙在客户端 保险箱在服务器端
URL重写:解决了关闭浏览器cookie产生的问题
!!!!!!!!!!!!!Session在关闭浏览器时会失效,在下次访问时不能获得同一个Session了
package main.server; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * Servlet implementation class GetSession */ @WebServlet("/GetSession") public class GetSession extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public GetSession() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=GBK"); PrintWriter out = response.getWriter(); String user = ""; //此处不新建session,只是去取已经创建的session HttpSession session = request.getSession(false); //如果session能够取到,说明用户已经登录 if(session!=null) { user = (String)session.getAttribute("abc"); out.println("获得创建的Session"); out.println("<BR>"); out.println("登录名:"+user); } //否则,说明用户没有登录,跳转到登录页面让用户登录 else { response.sendRedirect("../SessionLogin.htm"); } } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
package main.server;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* Servlet implementation class SetSession
*/
@WebServlet("/SetSession")
public class SetSession extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public SetSession() {
super();
// TODO Auto-generated constructor stub
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//验证登录者身份,验证过程此处省略
//如果合法用户就产生一个session来放置其登录名
//如果用户输入了用户名,则将其放在session中
if(request.getParameter("userName")!=null)
{
HttpSession session = request.getSession();//没有Session就新建一个
session.setAttribute("abc",
request.getParameter("userName"));//在服务器端存储"键-值对"
}
response.setContentType("text/html;charset=GBK");
PrintWriter out = response.getWriter();
out.println("Session已经创建");
out.println("<BR>");
out.println("转到其他<A HREF=\"chap03.GetSession\">页面</A>");
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
doGet(request, response);
}
}
浙公网安备 33010602011771号