Chapter 2 _ session management

Source: Internet
Author: User

2.1 URL rewriting

URL rewriting is a session tracking technique. You need to add one or more tokens as a query string to a URL. The format of token is generally key = value.

URL? Key-1 = value-1 & Key-2 = value-2... & Key-N = value-n


2.2 hide a domain

Using hidden domains to maintain the state is similar to using URL rewriting technology. But instead of adding values to the URL, it places them in the hidden domain of the HTML form. When a user submits a form, the value of the hidden field is also transmitted to the server. Hidden fields are applicable only when a page contains a form or you can add a form to the page. This technology is better than rewriting the website because it can upload more characters to the server without the need for character encoding. However, like URL rewriting, this technology is applicable only when the information to be transmitted does not need to span multiple pages. The common hidden fields are used to display IDs, so that you can obtain the value displayed based on the ID during editing.


Cookie 2.3

Cookie is a small piece of information automatically transmitted between the Web server and the browser. Cookie applies to information that needs to span many pages. Because the cookie is embedded as an HTTP header, the transmission process is handled by the HTTP protocol. In addition, you can set the cookie validity period as needed. For Web browsers, each web server can support up to 20 cookies.

The disadvantage of cookies is that users can reject cookies by modifying their browser settings.

To use cookies, you must be familiar with the javax. servlet. http. Cookie class and several methods in the httpservletrequest and httpservletresponse interfaces.

To create a cookie, pass a name and a value to the constructor of the cookie class:

Cookie = new cookie (name, value );

For example, if you want to create a cookie for the selected language, you can write it as follows:

Cookie required ageselectioncookie = new cookie ("language", "Italian ");

After creating a cookie, you can set its domain, path, and maxage attributes. The maxage attribute is particularly worth noting because it determines the cookie validity period.

Httpservletresponse. addcookie (cookie );

When the browser sends a request to the same resource or to a server that cannot access the resource again, It also transmits the cookie received from the web browser back.

To access the cookie sent by the browser, you can use the getcookies method in httpservletrequest. This method returns a cookie array. If no cookie exists in the request, null is returned. To find a cookie with a name, You Need To iterate the array. The following example shows how to read a cookie named maxrecords.

Cookie[] cookies = request.getCookies() ;Cookie maxRecordsCookie = null ;if(cookies != null){for(Cookie cookie:cookies){if(cookie.getName().equals("maxRecords")){maxRecordsCookie = cookie ;break ;}}}

Unfortunately, the absence of the getcookiebyname method makes it easier to obtain cookies. Even more sadly, there is no way to directly Delete cookies. To delete a cookie, you need to create a cookie with the same name, set its maxage attribute to 0, and add a new cookie to httpservletresponse. Let's see how to delete a cookie named Username:

Cookie = new cookie ("username ","");

Cookie. setmaxage (0 );

Response. addcookie (cookie );


2.4 httpsession object

Httpsession is automatically created when a user visits a website for the first time. You can call the getsession method in httpservletrequest to obtain the user's httpsession. Getsession has two overload methods:

Httpsession getsession ()

Httpsession getsession (Boolean create)

The getsession method with no parameters returns the current httpsession. If no, create one and return it. The getsession (false) method returns the current httpsession (if any). If no, null is returned. The getsession (true) method returns the current httpsession (if any). If not, create a new one and return it. Getsession (true) is the same as getsession.

The value in httpsession is saved in memory.

The value added to httpsession is not necessarily a string and can be any Java object, as long as its class implements Java. io. serializable interface, so that when the servlet container deems it necessary, the stored object can be serialized into a file or saved to the database. For example, when the container memory is about to run out, you can still save non-serialized objects in httpsession, but if the servlet container tries to serialize them, it will end with a failure and throw an exception.

To be continued...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.