Simple and clear forwarding and redirection ~~~, Forward redirection

Simple and clear forwarding and redirection ~~~, Forward redirection

There is an important difference between redirection and forwarding:

Forward ----- the JSP Container uses an internal method to call the target page. The new page continues to process the same request, and the browser will not know the process.

Redirection ------ the first page notifies the browser to send a new page request. In this case, the URL displayed in the browser changes to the URL of the new page, and the URL remains unchanged during forwarding.

Redirection is slower than forwarding because the browser has to send a new request. At the same time, because the redirection method generates a new request, after a redirection, the objects in the request will not be available.

 

How can I choose redirection or forwarding?

Generally, forwarding is faster and objects in the request can be kept. Therefore, it is the first choice.

However, after forwarding, the URL in the browser still points to the start page. If you reload the current page, the start page will be called again.

If you do not want to see such a situation, select redirect

What is the difference between forwarding and redirection?

Forwarding Method

: Request. getRequestDispatcher (). forward ();

Redirection Method

: Response. sendRedirect ();

 

Summary and comparison of request redirection implemented by the HttpServletResponse. sendRedirect method and request forwarding implemented by the RequestDispatcher. forward method:

 

1. The RequestDispatcher. forward method can only forward requests to components in the same WEB application. The HttpServletResponse. sendRedirect method can not only redirect to other resources in the current application,

You can also redirect resources in other applications on the same site, or even resources that are redirected to other sites using an absolute URL. If the relative URL passed to the HttpServletResponse. sendRedirect method is "/",

It is the root directory relative to the entire WEB site. If the relative URL specified when the RequestDispatcher object is created starts with "/", it is the root directory relative to the current WEB application.

 

2. After the access process of redirecting the HttpServletResponse. sendRedirect method is called, the URL displayed in the address bar of the browser changes from the initial URL address to the destination URL of the redirection, and RequestDispatcher. forward is called.

After the request forwarding process of the method is completed, the browser address bar keeps the initial URL address unchanged.

 

3. httpServletResponse. the sendRedirect method directly responds to browser requests. The response result is to tell the browser to re-send an access request to another URL, in this process, someone nicknamed "Browser" wrote a letter asking Michael to borrow money,

Zhang San replied that there was no money and asked the "Browser" to ask for a loan from Li Si and tell the current communication address of Li Si to the "Browser ". As a result, the "Browser" sent a letter to Li Si to borrow money based on the address provided by Zhang San. After receiving the letter, Li Si sent the money to the "Browser ". Visible, "Browser"

Two emails were sent and two replies were received. The "Browser" also knew that the money he borrowed came from Li Si. The RequestDispatcher. forward method forwards the request to another resource on the server. The browser only knows that the request is sent and the response is returned,

I am not sure that a forwarding behavior occurs inside the server program. This process is like a person nicknamed "Browser" who writes a letter to ask Michael to borrow money. Michael has no money, so Michael borrowed some money from Michael and even added some of his money, then, I sent the money to the browser"

. It can be seen that the "Browser" only sent a letter and received a reply. He only knew that he had borrowed money from Michael Jacob, but he did not know that some of the money was from Mr. Li.

 

4. requestDispatcher. the callers and callers of the forward method share the same request object and response object. They belong to the same access request and response process, while HttpServletResponse. the sendRedirect method callers and callers use their respective

The request object and the response object are two independent access requests and response processes. For the redirection between internal resources of the same WEB application, especially before the redirection, some pre-processing needs to be performed on the request, and the preprocessing must be passed through the HttpServletRequest. setAttribute method.

The RequestDispatcher. forward method should be used. The HttpServletResponse. sendRedirect method should be used for redirection between different WEB applications, especially when resources are redirected to another WEB site.

 

5. Either the RequestDispatcher. forward method or the HttpServletResponse. sendRedirect method, NO content can be actually output to the client before calling them. If the buffer has

And the content will be cleared from the buffer.

 

Do not use the session scope just to pass the variable to the next page, it will increase the scope of the variable without reason,

Forwarding may help you solve this problem.

Redirection:

All variables stored in previous requests are invalid and enter a new request scope.

Forwarding:

The variables stored in the previous request will not expire, Just Like splicing the two pages together.

 

Difference between session and Cookie

Cookies and sessions are similar in many aspects and are used to temporarily store visitor information. In many cases, both of them can be used to implement certain functions, the fundamental difference between the two is that the Cookie object stores information on the client, and the Session object is stored on the server. In terms of survival, the Cookie can be saved for a long time, and the Session lifetime is only until the Session ends; in ASP.. NET, the website designer can select the storage location of the Session, which can be stored in the memory of the Server, or in the SQL Server database. To save the Session to the database, you must go to Config. the web file specifies the location of the database. The Session can also be saved in the status server, and the status server can separately store the Session object content, even if ASP. NET Server process failed, status server can also save Session information. the default mode is stored in the server memory. however, a large amount of data will increase the load on the server. the Cookie is stored on the client. Users can view the Cookie file and perform similar modification and deletion operations on the Cookie file. Therefore, the security of Cookie data is hard to be guaranteed; session data is stored on the server, which provides better security. If used with the database, Session data can be maintained for a long time and be well secured.

How to Set session Timeout

Because the session value has not been set before, so that the newly logged-on website times out in less than one minute. To sum up, it turns out to be the cause of the session expiration. The following are three methods for setting the session time:

1. Define in the tomcat --> conf --> servler. xml file:

<Context path = "/test" docBase = "/test"
DefaultSessionTimeOut = "3600" isWARExpanded = "true"
IsWARValidated = "false" isInvokerEnabled = "true"
IsWorkDirPersistent = "false"/>
DefaultSessionTimeOut = "3600"

2. Define in web. xml:

<Session-config>
<Session-timeout> 20 </session-timeout>
</Session-config>

3. Define in the program:
Session. setMaxInactiveInterval (30*60 );
Set Unit to second, set to-1 and never expire

 

Methods for setting session invalidation

After logging on to the system, you will set a time when the current session expires to ensure that the user does not interact with the server for a long time, automatically exits the logon, and destroys the session.
The specific settings are simple and there are three methods:
(1) Add session. setMaxInactiveInterval (900) to the homepage or public page. The unit of the parameter 900 is seconds. That is, the session will expire after 15 minutes of no activity.
Note that the time set for this session is calculated based on the server, rather than the client. Therefore, if you are debugging a program, you should modify the server time for testing, rather than the client.
(2) It is also a common method to set the session expiration time, that is, to set the session expiration time in the project's web. xml.

<! -- Set the session to invalid. Unit: -->
<Session-config>
<Session-timeout> 1 </session-timeout>
</Session-config>

(3) set it directly on the application server. If it is tomcat, you can set it in the conf/web. the <session-config> element is found in xml. The default value of tomcat is 30 minutes. You only need to modify this value.

It should be noted that if all three of the above are set, there is a priority problem, from high to low :( 1)> (2)> (3)