Cookies and Session__cookie

A, cookies      cookie is a technique that is used by a client to save a session (a session refers to an open browser that accesses multiple pages via hyperlinks, and then the entire process of closing the browser), which is a small amount of information that the servlet sends to a Web browser. This information is saved by the browser, and when the user accesses the resources in the server through the browser, the program writes each user's data as a cookie to the user's browser, which is saved in the client's cache by the browser, and when the user uses the browser again to access the Web resources in the server, The browser carries its own data, so the value of the cookie can uniquely identify a client. In this way, Web resources are dealing with each user's own data.       A cookie can only identify one message, it contains at least one name and value (value) that identifies the information, and a Web site can send multiple cookies to the browser. A browser can store cookies sent by multiple Web sites, with a maximum of 20 cookies per site for browsers, and no more than 300      1, Cookie API           Javax.servlet.http.Cookie class is used to create a cookie, and in Httpservletreponse, a method is defined: Addcookie (), This method is used to add a cookie to the response header, and, similarly, in HttpServletRequest, a getcookies () method is defined to obtain a client-submitted cookie      2, Cookie Properties          ①name indicates the name of the cookie, and the path differs by name from          ②value COO Kie value          ③maxage   This property represents the maximum lifetime of the cookie, in seconds, which, by default, is-1, that is, the cookie is cached in the browser. When the browser is closed, the cookie is cleared, and if 0, the cookie is deleted and, if positive, the cookie is still on the disk, and after the number of seconds that the value represents, the COOkie is cleared, even if the browser is closed during this time, the cookie will still be cleared after that number of seconds          ④path indicates the path of the cookie save, the default is the access path of the program that writes the cookie, Browser access to the server, according to the path to determine whether to carry cookies to access, if the current access path to the cookie path, the browser to carry the user cookie access, otherwise the above attributes have the corresponding getxxx () method and Setxxxx () method to set and get the following example of a cookie to display the last access time

Import java.io.IOException;
Import Java.io.PrintWriter;
Import Java.util.Date;
Import javax.servlet.ServletException;
Import Javax.servlet.http.Cookie;
Import Javax.servlet.http.HttpServlet;
Import Javax.servlet.http.HttpServletRequest;
Import Javax.servlet.http.HttpServletResponse; public class Cookdemo1 extends httpservlet{@Override protected void doget (HttpServletRequest req, HTTPSERVL
             Etresponse resp) throws Servletexception, IOException {resp.setcontenttype ("text/html;charset=utf-8"); Get the client's last access time cookie[] cookies = req.getcookies ()//Get client All Cookie objects PrintWriter out =
             Resp.getwriter (); for (int i = 0;cookies!= null && i < cookies.length; i++) {if ("Lasttime". Equals (Cookies[i
                           ].getname ()) {//Determine whether the current cookie is the desired object long time = Long.parselong (Cookies[i].getvalue ());
Out.write ("Your last visit is:" + new Date (time). toLocaleString ());                    }//Response cookie Cookie CK = new Cookie ("Lasttime", System.curren
       Ttimemillis () + "");//constructor passed in name and value Resp.addcookie (CK);  @Override protected void DoPost (HttpServletRequest req, HttpServletResponse resp) throws Servletexception,
       IOException {//TODO auto-generated Method Stub doget (req, resp); }
}

Second, HttpSession      httpsession is a server-side technology that uses this technology to create a unique HttpSession object for each user's browser at run time, Since a session can only be enjoyed by one user's browser, the server places the user's data in their session when accessing Web resources on the server, and when the user accesses other Web resources on the server, Other Web resources will take the data out of the user's session to serve the user.      session Since it was created by the server, how does it correspond to each session and user one by one? When the user first accesses the servlet under the server, the server creates a session for the user, which has an id attribute, and the value of the ID is randomly generated, and when this request is finished, Save the ID value into a cookie and respond to the browser through the response object, and wait until the browser accesses the resource under the server again, the cookie will go with the ID, and the server can find the user lock corresponding session based on this ID   The relationship between the    cookie and the session is dependent on the former, and the biggest difference is that the former can only save strings, the latter also save objects, in addition, session and ServletContext, request are the same domain objects      1, HttpSession common methods           The HttpSession object needs to call the GetSession () method in the Httpserlvetrequest object to get the session object, then it can be manipulated, the following is the common method          ①serattribute (String name, Object value);          ②getarrtibute (String name);          ③removeattribute (String name);          ④getID (); Get session id attribute          ⑤invalidate (); Invalidate current sessions          ⑥setmaxina Ctiveinterval (int interval) Set session lifetime      2, session status         creation: when the browser first Session is created when accessing dynamic resources of a server           Alive: When application runs, session is alive           death: when calling Inv Alidate () method or more than the survival time, session death, the default survival time is 30 minutes       Here's the problem, when we reboot the server, the previous sessions disappear, This is because there is no serialization of the objects saved in the session, only the class that corresponds to the object can implement the Serializable interface, the next time the server restarts, the previous session still exists