The cookie&session of Javaweb (vi)

Brief introduction

Now every day to organize notes, the first is to consolidate knowledge, the second is to learn to become their own. Although the note content is very common, but master can these, become own knowledge, also is very good

Learning Skills

Cookies and Sessions learn to understand how and how to use the principles. The rest of the time to practice a lot of cases, increase the understanding of cookies and session

Cookie Object 0. Session Management

The session can be simply understood as: users open a browser, click on multiple hyperlinks, access server multiple Web resources, and then close the browser, the whole process is called a session session to solve the problem each user in the process of using the browser and the server session, inevitably each will produce some data, The server is trying to save this data for each user

1. Introduction to Cookies

What is Cookiecookie is client-side technology, where the server writes each user's data to the user's respective browser in the form of a cookie. When users use a browser to access Web resources on the server, they take their own data. In this way, the Web resources are processed by the user's respective data features are stored in the browser cache, unsafe, 300, every cookie size not more than 4 browser to the server Domain+path+name (only name is the same, to find value Your path. Startwith (Domain+path): If you start with path, name is also correct, this time through the cookie request hair to the server bottom implementation: The server to the client set-cookie:showtime=234212349

2. Create a cookie

Create a cookie to get the client to send the Cookiecookie []cookies= request.getcookies ();   Cookie:name=value request the header server to write back a cookie to the browser cookie cookie = new Cookie ("name", "value"), Response.addcookie (cookie instance); Data storage format in cookie file Showtime   1421718610521     localhost    /day09_00_showtime/servlet/name       value     Domain       Path

3. URL features that can be accessed

1.Cookie can be accessed to match: Myurl.startwith (Domain+path) exactly matches   and then find name also matches, at which point access to valuehttp://localhost:8080/day09_00_ Showtime/servlet/abc/showtimeservletdemo5  //To Http://localhost:8080/day10_00_cookie/servlet/ShowTimeServlet  //Do not give http://localhost:8080//day09_00_showtime/ShowTimeServlet    // Do not give 2. The cookie is determined by the browser, depending on the Myurl.startwith (Domain+path) exact match to determine the unique cookiedomain+path+namelocalhost/day05_01_cookie/ servlet/   + lastaccesstime

4. Attributes in Cookies

Name: (must) Value: (must) cannot be Chinese maxage: (optional) Maximum survival time. The default is the session. Units are seconds path: (optional) path The default path for a cookie is: the access path of the servlet that wrote the cookie. The path to the servlet that writes the cookie is: String path =/day05_01_cookie/servlet/If the path is accessed. Startwith, the browser will bring the cookie just written to the server. Domain: (optional) name comment: (optional) Comment version: (optional) Revision number

5. Server and client read and write cookies

How the server writes Cookie:HttpServletResponse.addCookie (Javax.servlet.http.Cookie) to the client (actually writes a Set-cookie response message header) The browser can save up to 20 cookies (a limited number of cookies) for a website and the total number of cookies cannot exceed 300. Each cookie cannot exceed 4KB in size. How the server takes out the Cookie:HttpServletRequest.getCookies () from the client (actually getting the request message header with the name cookie)

Session Object 1. What is HttpSession?

The servlet container uses this interface to create a session between the HTTP client and the HTTP server. The session retains the specified time period, across multiple connections or page requests from the user. A session usually corresponds to a user who may visit a site multiple times. Servers can maintain sessions in a variety of ways, such as using cookies or rewriting URLs

2. session and Cookie Differences

The main difference between a session and a cookie is that a cookie is a browser session technology that writes a user's data to a user, and the session object is created by the server when the user's data is written to the user's exclusive session. Developers can invoke the GetSession method of the request object to get the session object to create a session instead of accessing a page, but instead encounter the statement request: GetSession (); it creates a session.

3. Get session

The two methods are the same, first judging there is no, there is a direct return, did not create a new httpsession session =  request.getsession (); HttpSession session = Request.getsession (true); only fetch, no return null, one less created work HttpSession session = Request.getsession (FALSE) ;

4. Session Implementation principle

Like a cookie, just don't send data, send a jsessionid number if the browser sends a jsessionid like the server Jsessionid, it is the same session, The data is now present in this session set-cookie:jsessionid=23354354543543   response header cookie:jsessionid=23354354543543       The request header session is to use it as a domain object to   maintain a map set SetAttribute ("Key", object) internally, using (that is, a session process); object value = GetAttribute (key); RemoveAttribute (key), survival time: 30 minutes (idle) will be destroyed------------> (Specific configuration, Tomcat installation directory/conf/web.xml  ---- Search () session.invalidate ();//Forced destruction

5. Resolve issues caused by servlet sharing data after disabling cookies

Case (refer to code article)

Cookie case Display time save user name display recent browsing record session use session to complete user login using session to implement a one-off verification code using the session to prevent the form of repeated submissions

Shopping Cart

The cookie&session of Javaweb (vi)