Oracle knowledge-persistence in HTTP Servlet

Stateless HTTP protocol

1. Advantages and Disadvantages of stateless HTTP protocol

A) HTTP interaction is stateless.

Stateless means that when a browser sends a request to the server, the server responds, but the same browser sends the request to the server again, it will respond, but he does not know that you are the browser just now.

B) Advantages

I. The client browser does not notice a Server failure and restarts.

Ii. It responds quickly when the server does not need previous information

C) Disadvantages

I. There is no memory for transaction processing, which may increase the volume of data transferred each time.

Ii. It is difficult to collect information to produce a group of pages with good user experience.

2. Benefits of HTTP status

A) reduce data transmission volume

B) the authentication webpage can collect user authentication information

C) You can define your webpage access permissions.

Cookie Principles and Applications

1. Cookie

A) Definition:

It is a piece of information sent by the server to the customer, stored in the internal or hard disk of the client browser, and sent back to the client in subsequent requests to the server.

B) Cookie specifications:

I. Netscape specification (version 0): http://wp.netscape.com/newsref/std/cookie_spec.html

Ii. RFC2109 (HTTP status management mechanism, Version 1): http://www.ietf.org/rfc

C) Response Header:

Set-Cookie: NAME = VALUE; Comment = value; Domain = value; Max-Age = value; Path = value; Secure; Version = 1 * DIGIT

D) Others

The Cookie was invented by Netscape. Netscape is also the first company to develop browsers. In the early stages of the development of the Internet, Netscape has become the most popular browser by virtue of its preemptible advantage. However, due to the popularity of windows 95, Microsoft bound the IE browser to windows for sales, and Netscape gradually disappeared and was unknown. However, most Internet protocols and regulations are derived from Netscape products. The Cookie is followed by the Cookie. It is a piece of information sent by the server to the customer. It can be stored inside the client browser or on the hard disk, and then sent back to the client in subsequent requests to the server. Currently, there are two main types of Cookie specifications. One is the Netscape specification, which can be found at http://wp.netscape.com/newsref/std/cookie_spec.html. The other is RFC2109. Its specification file can be found at http://www.ietf.org/rfc. These two specifications define the form of cookie headers in the HTTP protocol. For example, the RFC2109 specification specifies the form of the response header. Name is the Name of the cookie, and vlue is its value. Name = value property-value pairs must first appear, and attribute values can appear in any order. The Comment attribute is optional because cookies may contain private information about users. This attribute allows the server to describe how to use the cookie. You can check the information and decide whether to join or continue the session. The Domain attribute is optional and is used to specify the Domain in which the Cookie is valid. The specified Domain must start with a dot. The Max-age attribute is optional and is used to define the Cookie survival time, in seconds. If this time is exceeded, the client should discard the cookie. If the specified number of seconds is 0, indicates that the cookie should be discarded immediately. The Path attribute is optional and is used to specify the URL subset under which the cookie is valid. The Secure attribute is optional and has no value. It is used to indicate that the browser uses a safe way to interact with the server. The Version attribute is required. Its value is a decimal integer that identifies the Version of the cookie in accordance with the State Management Specification. For RFC2109 Version, it should be set to 1.

2. Use Cookie Programming

A) Features

I. Record session trace content in key-value pairs

Ii. High Cookie persistence

Iii. Users can manually restrict the use of cookies

Iv. Session can be used to replace Cookie

3. Set a Cookie

A) create a cookie:

Cookie c = new Cookie ("MyName", "MyValue ");

B) Cookie method:

I. getConnment (), setComment (String purpose)

Ii. getDomain (), setDomain (String pattern)

Iii. getMaxAge (), setMaxAge (int expiry)

Iv. getName (), getValue ()

V. setValue (String newValue)

Vi. getPath (), setpath (String uri)

C) use cookies

I. Response. addCookie ()

Ii. Request. getCoonkie ()

4. instance-Logon Program

A) functions:

I. Use cookies to save user login information

Ii. log on for the first time and save the information to the client's hard disk.

Iii. Access again. Verify the user logon information first. The welcome information is displayed after the user passes the authentication.

B) steps:

I. Step 1: Compile LoginServlet. java and GreetServlet. java

Ii. Step 2: Compile the JAVA source file

Iii. Step 3: deploy the servlet

5. instance-LoginSerlvet

6. instance-GreetServlet

7. output the session to the browser

A) Cookie

I. Tracking browser-related sessions

Ii. Some browsers do not support

Iii. Some users do not use it for security reasons

B) rewrite the URL

I. Bind a session to a browser using the session ID of the request URL

Ii. It takes time to scan pages and URL redirection

Iii. Use encodeURL () and encodeRedirectURL ()

Session Principles and Applications

1. Session

A) Definition:

I. A collection of HTTP interactions from a browser to a server.

Ii. It is a collection of interactive data obtained by the Servlet accessed by the browser.

B) interfaces supported by javax. servlet. http. HttpSession.

2. HttpSession Interface

A) methods in the HttpSession Interface

I. public Object getAttribute (String name)

Ii. public void setAttribute (String name, Object value)

Iii. public void removeAttribute (String name)

Iv. public int setMaxInactiveInterval ()

V. public void invalidate ()

3. Additional instructions

A) when the Servlet runs, the session will be created.

B) Servlet can obtain the session object through the following method:

GetSession ()

C) Any servlet can request to create a session.

D) All servlets that process requests from the target browser can access information in the session.

E) The session will expire because the browser is inactive and times out.

4. Cookie and Session comparison

A) session

I. Created by the server

Ii. Information is saved by the server

Iii. Open a new browser to start a new session

B) Cookie

I. Fragment information sent by the server to the client is stored in the memory or hard disk of the client browser.

Ii. Information is saved by the client

Iii. multiple browsers can access the same cookie object during the cookie validity period.

Review cookies and sessions

Cookie stores a variable and corresponding value in a browser.

Cookie can be configured by the browser user.

Not all browsers support cookies.

You can use addCookie () and getCookie () to obtain the Cookie.

A session is a collection of data associated with interactions between the browser and the network server.

Each time a browser is opened, a new session object is created.

The following methods exist during session development:

GetSession ()

SetAttribute (key, value)

GetAttribute (key)