Javaweb Summary (vii)

Web state Management

-the HTTP protocol uses a stateless connection

-for containers, Every request comes from a new customer

Solution-form Hidden Fields

<typenamevalue= "...">

When the form is submitted, the specified name and value are included in the Get and post Data. Hidden fields are not rendered to the User's page appearance, instead they can store fixed names and values that are pinned to the server regardless of user Input. It has the following purposes:

-session tracking of user access on the Site.

-provides predefined input for server-side Programs.

-store dynamically generated page context Information.

Cons: only valid when each page is dynamically generated

Using hidden fields for session tracking

Solution-cookie

Cooike is the text message that the Web server sends to the client browser, which is sent by the server to the client browser after the first access to the server, and the browser returns the text information without changes when it accesses the same Web site or domain. By having the server read the information previously sent to the client, the Web application can provide a lot of convenience to the Visitor.

Solutions for HTTP Cookies

-save Values with cookies

// instantiate a cookie that is stored as a Key-value pair New Cookies (key,value); // Reset the value of the cookie Cookie.setvalue (newvalue); // set the life cycle of a cookie // a positive value indicates the number of seconds after which clearing cookie,0 indicates immediate clear cookie // a negative value indicates that the cookie is cleared after the browser is closed cookie.setmaxage (second); // return the cookie to the response Response.addcookie (cookie);

-get the value in the cookie

// get the cookie in the request cookie[] cookies = Request.getcookie (); // traversal of key-value pairs in a cookie for (Cookie cookie:cookies) {    = cookie.getname ();     = Cookie.getvalue ();     // gets the code after which the value is manipulated }

Solution-url rewrite

URL rewriting can be used when the browser does not support cookies or if cookies are Disabled. however, the Server-side program needs to do a lot of simple but tedious processing, because the site is referenced and returned to the user for each url, and even through the server redirection method, The additional information is Appended.

URL Rewriting solution

Session principle

-the server can create and maintain a session object for the client to hold the Data.

-at the same time that the session object is created, the server will generate a unique number for the session object, which is called SessionID

-the server stores SessionID on the client in a cookie Manner.

-when The browser accesses the server again, SessionID is taken to the server as cookie information, and the server can retrieve the previous session object and access it through the SESSIONID.

Workflow of Session

Session tracking mechanism

-users Send Requests

// gets the session object from the request HttpSession session = Request.getsession ();

-the server responds as follows

HTTP response Information

-send Request again

Httpsessoin interface

HttpSession is the Java Platform Implementation specification for the session mechanism, because it is only an interface, specifically implemented by each Web application server Provider. In general, the session is stored in memory, and when the server process is stopped or restarted, the session in memory is emptied (the Session object occupies the system resources).

-setAttribute (java.lang.String, java.lang.Object): binds an object with a name in the session Object.

-getattribute (java.lang.String): Gets the object saved in the Session object by Name.

-removeattribute (java.lang.String): deletes the object corresponding to a name in the Session.

-getcreationtime (): Returns the time when the session was first Created.

-getlastaccessedtime (): Returns the last time a container has requested the session ID.

-setmaxinactiveinterval (int interval): Specifies the maximum interval of time, in seconds, for a client request for a Session. -1 means never expire

-getmaxinactiveinterval (int interval): Returns the maximum interval of time for a customer Request.

-invalidate (): Session end, all session properties that currently exist in the session are also unbound.

-getId (): This method returns the unique identity for each session

Session Timeout Management

A simple way to destroy a session

-set Session Timeout.

-call the Invalidate () method on the session Object.

-end of application (crash or cancel Deployment)

Configuring in the Web. XML file

< Session-config >    < Session-timeout ></session-timeout></session-config >

Tip: Specify the session time-out in the Web. XML file, in Minutes. The time in the program is set in SECONDS.

Application and Session Domain-wide attribute comparisons

-in the context domain scope and session domain scope of the Web application, you can bind an object with a name to access it within the domain scope

-objects bound to the session range are maintained only during a continuous session

-objects bound in the application (application Context) are maintained throughout the Web application run

-all Use the same method: SetAttribute () and GetAttribute ()

Tip: objects that are saved within the scope of the application application have a longer maintenance time than the objects stored in the session domain, but both consume server system resources and should use domain objects with short maintenance time, or use RemoveAttribute () when not in use method to destroy the binding Object.

Session Persistence Management

The information of the session object is normally placed in the Server's memory, and the session information will be lost when the server is restarted due to a failure or when the Web application reloads. To avoid this, in some cases the server session data can be stored in the file system or database, such operations are called Session object Persistence. When the session object is persisted, the objects stored in it are stored in a serialized form, which is why the data stored in the session generally needs to implement the Serializable interface (java.io.Serializable);

Configure the Session management object with the child element manager of the context Element:

-the ClassName property is used to specify that the class that manages the session can be Standarmanager or persitentmanager.

-maxactivesession indicates that the maximum number of active session objects is allowed, 1 means no limit.

-maxinactiveinterval indicates the default maximum inactivity interval for the session, in SECONDS.

-pathname indicates that the file name of the session object is persisted when the server restarts or when the reload is applied, and if set to "", it is equivalent to shutting down the session persistence Mechanism.

URL rewriting

-the normal use of the session object depends on the cookie

-url address rewriting can obtain a session placed in a cookie and append the session ID to each URL that accesses the app.

Method of URL rewriting (append sessionid to URL Address)

-response.encodeurl ();

-response.encoderedirecturl ("/lovobook/otherservlet");

Tip: static HTML pages cannot implement URL rewriting because URL additions must be generated dynamically. And with URL encoding, the container first attempts to complete session management using a cookie, and URL rewriting is used only if the Cooike method fails.

Javaweb Summary (vii)