"Javaweb" Session (Turn)

Source: Internet
Author: User

In the following cases, the session ends the life cycle, and the servlet container releases the resources that the session occupies:
1. Client Close Browser
2.Session Expired
3. The server side calls the HttpSession invalidate () method.

"A browser is a new session, close the browser session is over"
Session is established on the server side, the browser access server will have a SessionID, browser side through the SessionID location server side session,session creation and destruction by the server side control. When the browser is closed, the session still exists on the server side, but your new browser to access the server will create another session, this time the SessionID is not the same. You will not be able to access the contents of the last session.

"Session creation and destruction by the server-side control", the server side only session, the client only through the SessionID to match the session.
How did the server-side session build? Normal HTML is not created, the JSP is created by default, as long as you access any one JSP will be created (but only once created), you close the browser re-access and create a, these sessions are created by the server to control the destruction, you can also be destroyed in the server-side code.


Under what circumstances do I need to use this server-side session mode?
By default, the JSP is accessed to create a session (the first is empty without data), and the code in your app is just put data into the session. Online said can be <%@ page session= "false"%> to not let JSP automatically create session. I tested it myself (with Sessionlistener), it didn't work, and the session was created successfully.
Finally, only the server side has a session. The client is stored locally as a cookie. However, the security is low. So we can't put the important data.


======================================================

Sesion is actually simple:
First Request.getsession (), when a session is associated with the previous request, returns a reference to the session, and generates one when it is not. A session is identified by a SessionID in the server. This means that there will be no two sessions of the same sessionid in a server.

So why does the session have to do with cookies?

As I said, for a session, its sessionid is the identity of its identity. If we save this sessionid to the client, the SessionID will be placed in the header of the request (that is, the cookie we are talking about) when the order is requested in the same session. It is not possible to verify that the request is the same as the previous request!

What is a conversation?
We can understand it in a popular sense. As long as your browers is not closed, we call this series of request and response a conversation. When you close, you say this session is over. Although the session is over, it does not mean that you are destroy. Because session is alive on the server. Its life is completely dominated by the server (the settings in Web. xml).
Although your session still exists on the server, you can no longer get it. Because the Java EE API only gives us a way to get a reference to the session associated with the current conversation: Request.getsession () or Reqeust.getsession (Boolean)
==============================================================


A common misconception is that the session is created when there is client access, but the fact is that it is not created until a statement such as Httpservletrequest.getsession (true) is called by a server-side program, and note that if the JSP does not display the use <% @page session= "false"%> the session is closed, the JSP file is automatically translated into a servlet with such a statement httpsession session = Httpservletrequest.getsession (TRUE);

This is also the origin of the hidden session object in JSP.

<********************** a bit contradictory place, in the end JSP display use <% @page session= "false"%> can let the server do not create SessionID it? Under test **************************&gt;
<%@ page session= "false"%>
Instead of having the page create a session, the session cannot be used on this JSP page. Network data transfer can be reduced.

"Javaweb" Session (Turn)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.