Servlet-based session tracking (i)

1, the HTTP protocol is not state

When a client sends a request to the server, the server creates a unique identifier-id number for each client and sends the ID number to the client browser in response. When the browser requests again, and also send this ID number to the server, then the server can be through the customer ID to distinguish which customer.

2. Session Tracking

2.1. What is a conversation

A session mechanism is introduced in the Java Servlet API to track the status of customers. Session refers to a series of related interactions between a single customer and a Web server over a period of time (the current browser and server have multiple requests, response relationships, called a conversation). In one session, a customer may request access to the same Web page multiple times, or it may request access to various server resources.

2.2. How to conduct session tracking

The Javax.servlet.http.HttpSession interface is defined in the Servlet API, and the servlet container must implement this interface. When a session begins, the servlet container creates a HttpSession object and opens up a space in memory for it to hold information about the state of the customer (for example, a shopping cart) in the HttpSession object. The servlet container assigns a unique identifier to the httpsession, called a SessionID. The servlet container stores SessionID in the customer's browser. Each time the customer makes an HTTP request, the servlet container can read the SessionID from the HttpRequest object and then find the corresponding HttpSession object based on SessionID to obtain the customer's status information.

2.3, the creation and use of the session

The creation of a session

The Httprequestservlet object in the servlet provides us with two ways to create and get HttpSession objects.

(1) HttpSession session = Request.getsession (Boolean value);

(2) HttpSession session = Request.getsession ();

In the 1th method, when the Boolean value is True, the session is returned if there is a session associated with the current request. Otherwise, create a new session and return it. When the Boolean value is False, the session is returned if there is a session associated with the current request, or null is returned, and the session is no longer created.

The 2nd method is equivalent to the case where the Boolean parameter value is true in the 1th method.

Use of sessions

Methods that are defined in the Javax.servlet.http.HttpSession interface are most commonly used for data access.

Session.setattribute (String name,object value);

Session.getattribute (String name);

SetAttribute (String name,object value) saves an object value in a HttpSession object and assigns it a reference name of name, and when we want to use the data that is already stored in the sesion, We can take the data out using the Sesion.getattribute (String name) method. Where name is the reference name that we specify when we deposit the data.

Note: The return value of the Session.getattribute (String name) method is type object, so when we take out the data, we have to convert it to a data type, and we must match the data type we are depositing.

For example: String value = (string) session.getattribute ("Xinxin");

2.4. The existence period of the HttpSession object

Creation of 2.4.1, HttpSession objects

When the client browser accesses the server for the first time, the server creates a different HttpSession object for each browser. Use the Request.getsession () method on the server side to get the HttpSession object and use the HttpSession interface for the method we provide.

Use of 2.4.2, HttpSession objects

After the HttpSession object is created, the object is used to access the data for data delivery. The methods we use in this process are as follows.

void setattribute (String name,object value): Data is saved.

Object getattribute (String name): reads the data.

End of 2.4.3 and HttpSession objects

The session ends in the following situations

(1), close the browser, close session.

(2), call the HttpSession invalidate () method, delete HttpSession objects and data.

(3), two access intervals are greater than the inactive interval defined by the session.

For example: How often to automatically destroy session objects:

Session.setmaxinactiveinterval (seconds);

At the end of the session, the server empties the current browser-related data information.

3, HttpSession technology is not within the scope of the HTTP protocol, it is because the HTTP protocol can not meet the user's tracking of a technology, it is a Web container for the program to provide services.

The session is created by the server, the Web container, and we use Request.getsession () to get the HttpSession object. Use Session.setattribute () to save the data, and use Session.getattribute () to get the saved values in the session.

4, Serializable (serialization) interface, the benefits of serialization.

The Java language provides us with a serialization mechanism that converts an object that implements the serializable interface into a set of byte data and, when used, restores the byte data and reconstruct which object.

When the program is running, the object is generated, these objects will disappear as the program stops, but we want to save the objects so that they still exist after the program has been run, to allow the program to read these values again, or to use these saved objects in other programs, in which case We can use serialization to do this.

5, in the use of the session for data storage, to consider whether the data is appropriate to be stored in the session, if the current user is often used data, you can save the session, if the user only used once, no longer use or occasionally will use the data, Do not deposit in session, as this will increase the waste of system resources.

6, use session in the Web project, is to track the user status, and distinguish between different users.

7. The session was created by the Web container, not by the programmer code. When the client browser accesses the server for the first time, the server creates a session for the client.