文章目录
Cookie和Session(会话技术)
一、Cookie
1、Cookie概述
1.1、Cookie简介
- 将会话过程中的数据保存到用户的浏览器中。
- 服务端给客户端一个 信件,客户端下次访问服务端带上 信件 就可以了。
- 客户端技术(响应,请求)
- 用户打开一个浏览器,点击了很多超链接,访问多个web资源,关闭浏览器,这个过程可以称之为会话(Cookie)。
- 一个Cookie只能保存一个信息。
- 一个web站点可以给浏览器发送多个cookie,最多存放20个cookie。
- Cookie大小有限制4kb。
- 300个cookie浏览器上限。
- 一次会话中可以包含多次请求和响应。
1.2、Cookie的使用场景
- 常用来判断是否第一次登录,如果是你下次不用再登录了,第二次访问直接就上去了!
1.3、Cookie底层原理
2、Cookie的基本使用
- Cookie(name,value):Cookie的构造方法,以键值对的形式存放
- addCookie(cookie):添加Cookie
- getCookies():获取请求发送时的Cookie对象的数组
- getName():获取Cookie名称(键)
- getValue():获取Cookie的值
- setMaxAge(int expiry):设置Cookie的有效期,秒为单位,默认为-1永久存活(但是会在浏览器关闭时被删除),0为删除
- RegistServlet.java
@WebServlet(name ="RegistServlet", value ="/registServlet")publicclassRegistServletextendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");// 获取前端传来的参数String username = request.getParameter("username");String password = request.getParameter("password");// 判断输入的账号和密码是否正确if(username.equals("root")&& password.equals("111")){// 创建Cookie对象,键值对形式存放Cookie cookie1 =newCookie("username", username);Cookie cookie2 =newCookie("password", password);// 设置cookie的存活时间
cookie2.setMaxAge(10);// 以秒为单位,默认为-1永久存活(但是会在浏览器关闭时被删除),0为删除// 在响应时添加cookie
response.addCookie(cookie1);
response.addCookie(cookie2);}}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
- regist.jsp
<%@ page import="java.util.Arrays"%><%@ page contentType="text/html;charset=UTF-8" language="java"%><html><head><title>注册</title></head><body><%--编写 jsp 小脚本--%><%// getCookies():获取请求发送时的Cookie对象的数组Cookie[] cookies = request.getCookies();// 定义变量用于value的显示String username ="", password ="";// 判断获取来的cookie是否为空,不为空执行if(cookies !=null){// 遍历cookie数组里的数据for(Cookie cookie : cookies){/* System.out.println(cookie.getName());
System.out.println(cookie.getValue());*/// getName():获取Cookie名称(键),等于前端传来的username的值if(cookie.getName().equals("username")){// getValue():获取Cookie的值,将值赋给变量username,用于后面value的显示
username = cookie.getValue();}if(cookie.getName().equals("password")){
password = cookie.getValue();}}}%><form action="registServlet" method="post"><%--=变量名:JSP中的语法,获取变量的值,显示到前端 --%>
用户名:<input type="text" name="username" value="<%=username%>"><br>
密码:<input type="password" name="password" value="<%=password%>"><br><input type="submit" value="提交"></form></body></html>
3、Cookie实现显示用户上次访问时间
- LastServlet.java
@WebServlet(name ="LastServlet", value ="/LastServlet")publicclassLastServletextendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");Cookie[] cookies = request.getCookies();// 获取所有cookieboolean flag =false;// 判断cookies是否为空// 访问过,cookies中会有时间if(cookies.length >0&& cookies !=null){//遍历cookie数组for(Cookie cookie : cookies){String name = cookie.getName();// 判断名称是否是lastTimeif("lastTime".equals(name)){// 有该cookie不是第一次访问
flag =true;// 响应数据与解码String value = cookie.getValue();
value =URLDecoder.decode(value,"utf-8");
response.getWriter().write("欢迎回来,您上次访问的时间为:"+ value);
cookie.setMaxAge(60*60*24*30);
response.addCookie(cookie);break;}}if(cookies ==null|| cookies.length ==0|| flag ==false){// 获取系统时间与编码String str_date =newSimpleDateFormat("yyyy年MM月dd日 HH:mm:ss").format(newDate());
str_date =URLEncoder.encode(str_date,"utf-8");// 设置cookie的valueCookie cookie =newCookie("lastTime", str_date);
cookie.setMaxAge(60*60*24*30);
response.addCookie(cookie);
response.getWriter().write("您好,欢迎您首次访问");}}}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
4、Cookie编码与解码
由于Cookie不支持中文,我们需要进行编码与解码。
URLEncoder.encode("沈公子","utf-8");// 编码URLDecoder.decode(cookie.getValue(),"utf-8");// 解码
5、Cookie总结
- cookie作用 - cookie判断用户是否第一次登录,如果是第一次则需要登录,第二次之后则直接访问
- cookie有效期 setMaxAge(); - 不设置有效期关闭浏览器cookie将被删除- 有效期设置为0,删除cookie- 设置有效期,过期后cookie才会被删除
- cookie如何保存 - 一个cookie只能保存一个信息- cookie由浏览器保存
二、Session
1、Session概述
1.1、Session简介
- Session对象由服务器保存。
- Session是一种会话跟踪技术。
- Session是基于Cookie实现的。
- 服务器登记你来过了,下次你来的时候我来匹配你。
- 保存信息,通过SessionID访问,SessionID浏览器一打开就会存在。
- 服务器会给每一个用户(浏览器)创建一个Session对象。
- 一个Session独占一个浏览器,只要浏览器没有关闭,这个Session就存在。
- 用户登录之后,整个网站它都可以访问,保存用户的信息,保存购物车的信息。
- 同一次会话的多次请求间共享数据。 10.服务器关闭后,Tomcat会自动将Seesion数据写入硬盘文件中,再次启动服务器后,从文件中加载数据到Session中。
1.2、Session的使用场景
- 保存一个登录用户的信息
- 购物车信息
- 在整个网站中经常会使用的数据,我们将它保存在Session中
1.3、Session的底层原理
2、Session的基本使用
- getSession():获取Session
- setAttribute():给session设置键值对数据
- getAttribute():通过键获取session中的值
- removeAttribute():通过键移除session中的值
- getId():获取session的id
- invalidate():session失效,再次进入会重置Session的值
- web.xml配置Session的失效时间
<!-- 设置Session默认的失效时间 --><session-config><!-- 1分钟后Session自动失效,再次进入会重置Session的值,以分钟为单位 --><session-timeout>1</session-timeout></session-config>
- 测试1
@WebServlet(name ="SessionDemo01", value ="/SessionDemo01")publicclassSessionDemo01extendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");// 获取sessionHttpSession session = request.getSession();// 给session设置键值对数据
session.setAttribute("name","沈公子222");// 获取session的id (JSESSIONID=D2EBCA814B8FC3249BCA47C96374A2F8)String sessionId = session.getId();// 判断session是否已存在if(session.isNew()){
response.getWriter().write("session创建成功,ID:"+ sessionId);}else{
response.getWriter().write("session已经在服务器中存在,ID:"+ sessionId);}// Session创建的时候做了什么事情,在响应中显示Cookie的值Cookie cookie =newCookie("JSESSIONID", sessionId);
response.addCookie(cookie);}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
- 测试2
@WebServlet(name ="SessionDemo02", value ="/SessionDemo02")publicclassSessionDemo02extendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");// 获取sessionHttpSession session = request.getSession();// 通过键获取session中的值Object name = session.getAttribute("name");
response.getWriter().print(name);}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
- 测试3
@WebServlet(name ="SessionDemo03", value ="/SessionDemo03")publicclassSessionDemo03extendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");// 获取sessionHttpSession session = request.getSession();// 通过键移除session中的值
session.removeAttribute("name");// session失效,再次进入会重置Session的值
session.invalidate();}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
3、Session的登录案例
- login.html
<!DOCTYPEhtml><htmllang="en"><head><metacharset="UTF-8"><title>登录</title></head><body><formaction="LoginServlet"method="post">
用户名: <inputtype="text"name="username"><br/>
密码: <inputtype="password"name="password"><br/><inputtype="submit"value="提交"></form></body></html>
- User.java
publicclassUser{privateString username;privateString password;publicStringgetUsername(){return username;}publicvoidsetUsername(String username){this.username = username;}publicStringgetPassword(){return password;}publicvoidsetPassword(String password){this.password = password;}}
- LoginServlet.java
@WebServlet(name ="LoginServlet", value ="/LoginServlet")publicclassLoginServletextendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");PrintWriter out = response.getWriter();String username = request.getParameter("username");String password = request.getParameter("password");if(("root").equals(username)&&("123123").equals(password)){User user =newUser();
user.setUsername(username);
user.setPassword(password);// 请求时获取Session,并将数据绑定进来
request.getSession().setAttribute("user", user);
response.sendRedirect(request.getContextPath()+"/IndexServlet");// /demo06_3/IndexServlet}else{
out.print("用户名或密码错误,登录失败,请重新登录<a href='/demo06_3/login.html'>返回登录</a>");}}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
- IndexServlet.java
@WebServlet(name ="IndexServlet", value ="/IndexServlet")publicclassIndexServletextendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");PrintWriter out = response.getWriter();// 创建或者获取保存用户信息的Session对象HttpSession session = request.getSession();// 获取传递的数据User user =(User) request.getSession().getAttribute("user");if(user ==null){
out.print("您还没有登录,请<a href='/demo06_3/login.html'>登录</a>");}else{
out.print("您已登录,欢迎你,"+ user.getUsername()+"!");
out.print("<a href='/demo06_3/LogoutServlet'>退出</a>");// 创建Cookie存放Session的标识号Cookie cookie =newCookie("JSESSIONID", session.getId());
cookie.setMaxAge(60*30);// 30分钟,session过期,需要重新登录// 设置Cookie的有效目录路径
cookie.setPath(request.getContextPath());// /demo06_3
response.addCookie(cookie);// Set-Cookie: JSESSIONID=315710819A1A3518B0CCDCDC061BBD64; Max-Age=60; Expires=Wed, 22 Mar 2023 03:24:40 GMT; Path=/demo06_3}}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
- LogoutServlet.java
@WebServlet(name ="LogoutServlet", value ="/LogoutServlet")publicclassLogoutServletextendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");// 获取Session时将Session对象中的User对象移除,并不是把Session的标识号给移除
request.getSession().removeAttribute("user");
response.sendRedirect(request.getContextPath()+"/IndexServlet");}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
4、Session的购物案例
- Cake.java
publicclassCake{privateString id;privateString name;publicCake(){}publicCake(String id,String name){this.id = id;this.name = name;}publicStringgetId(){return id;}publicvoidsetId(String id){this.id = id;}publicStringgetName(){return name;}publicvoidsetName(String name){this.name = name;}}
- CakeDB.java
publicclassCakeDB{privatestaticMap<String,Cake> cake =newLinkedHashMap<>();static{
cake.put("1",newCake("1","A类蛋糕"));
cake.put("2",newCake("2","B类蛋糕"));
cake.put("3",newCake("3","C类蛋糕"));
cake.put("4",newCake("4","D类蛋糕"));
cake.put("5",newCake("5","E类蛋糕"));}// 获取所有的蛋糕publicstaticCollection<Cake>getAll(){return cake.values();}// 根据指定的id获取蛋糕publicstaticCakegetCake(String id){return cake.get(id);}}
- ListCakeServlet.java
@WebServlet(name ="ListCakeServlet", value ="/ListCakeServlet")publicclassListCakeServletextendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");PrintWriter out = response.getWriter();// 获取所有蛋糕Collection<Cake> cakes =CakeDB.getAll();
out.write("本站提供的蛋糕有:<br>");// 遍历输出所有蛋糕for(Cake cake : cakes){// 获取蛋糕的idString url ="PurchaseServlet?id="+ cake.getId();// 获取蛋糕的名字和id,并跳转到 PurchaseServlet
out.write(cake.getName()+"<a href='"+ url +"'>点击购买</a><br>");}}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
- PurchaseServlet.java
@WebServlet(name ="PurchaseServlet", value ="/PurchaseServlet")publicclassPurchaseServletextendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");// 这个 Servlet 起到中转的作用,用来判断是否购买蛋糕,根据情况来重定向String id = request.getParameter("id");// 如果id为空,将重定向到 ListCakeServletif(id ==null){
response.sendRedirect("ListCakeServlet");return;}Cake cake =CakeDB.getCake(id);// 根据id获取蛋糕HttpSession session = request.getSession();// 获取sessionList<Cake> cart =(List<Cake>) session.getAttribute("cart");// 通过键获取session里的值// 如果session中的键的值为空,就创建列表,设置session数据if(cart ==null){
cart =newArrayList<>();
session.setAttribute("cart", cart);}
cart.add(cake);// 不等于空添加数据// session的设置Cookie cookie =newCookie("JSESSIONID", session.getId());
cookie.setMaxAge(60*30);
cookie.setPath("/Servlet");
response.addCookie(cookie);
response.sendRedirect("CartServlet");// 有蛋糕会重定向 CarServlet}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
- CartServlet.java
@WebServlet(name ="CartServlet", value ="/CartServlet")publicclassCartServletextendsHttpServlet{@OverrideprotectedvoiddoGet(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=UTF-8");PrintWriter out = response.getWriter();List<Cake> cart =null;boolean purFlag =true;// 定义标识HttpSession session = request.getSession(false);// 如果session为空,标识为假if(session ==null){
purFlag =false;}else{// session不为空// 通过键获取session里的值
cart =(List<Cake>) session.getAttribute("cart");// 如果session中的键的值为空,标识为假if(cart ==null){
purFlag =false;}}// 如果标识为假if(!purFlag){
out.write("对不起,您还没有购买任何商品!<br>");}else{// 否则标识为真
out.write("您购买的蛋糕有:<br>");// 遍历输出蛋糕名称for(Cake cake : cart){
out.write(cake.getName()+"<br>");}}}@OverrideprotectedvoiddoPost(HttpServletRequest request,HttpServletResponse response)throwsServletException,IOException{this.doGet(request, response);}}
5、Session总结
- Session的作用 - 保存用户信息,购物车信息等
- Session的有效期 - SessionID浏览器一打开就会存在,关闭浏览器SeesionID会失效- 可以配置Session失效时间
- Session如何保存 - Session由服务器保存数据- Session可以保存和获取数据
三、Session和Cookie的区别
相同:
- Cookie和Session都是来完成一次会话多次请求间数据共享的。
不同:
- 存储位置:Cookie存储在客户端,Session存储到服务端
- 安全性:Cookie不安全,Session安全
- 数据大小:Cookie最大3KB,Session无大小限制
- 存储时间:Cookie可以长期存储,Session默认30分钟
- 服务器性能:Cookie不占用服务器资源,Session占用服务器资源
本文转载自: https://blog.csdn.net/s17856147699/article/details/129518579
版权归原作者 Shen-Childe 所有, 如有侵权,请联系我们删除。
版权归原作者 Shen-Childe 所有, 如有侵权,请联系我们删除。