01_8_session
1. session总结
1.1服务器的一块内存(存key-value)
1.2和客户端窗口对应(子窗口)(独一无二)
1.3客户端和服务器有对应的SessionID
1.4客户端服务器端发送SessionID的时候两种方式
- cookie(内存cookie)
- rewrite URL
1.5浏览器禁掉cookie,就不能使用session(使用cookie实现session)
1.6如果想安全的使用session(不论客户端是否禁止cookie),只能使用URL重写(大大增加编程负担),很多网站要求客户端打开cookie
2.例子
2.1ShowSession.java
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html; charset=utf-8"); PrintWriter out = response.getWriter(); String title = "Session Tracking Example"; HttpSession session = request.getSession(true); String heading; Integer accessCount = (Integer) session.getAttribute("accessCount"); System.out.println(accessCount); if (accessCount == null) { accessCount = new Integer(0); heading = "Welcom, Newcomer"; System.out.println(accessCount); } else { heading = "Welcome Back"; accessCount = new Integer(accessCount.intValue() + 1); } session.setAttribute("accessCount", accessCount); /*Integer access = (Integer) session.getAttribute("accessCount"); System.out.println(access);*/ out.println("<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">"); out.println("<HTML>"); out.println(" <HEAD><TITLE>Session追踪</TITLE></HEAD>"); out.println(" <BODY>"); out.print("<H1 ALIGN="CENTER">" + heading + "</H1>"); out.print("<H2 ALIGN="CENTER">Information on Your Session:</H2>"); out.println("<TABLE BORDER="1" ALIGN="CENTER"><TR><TH>Info Type</TH><TH>Value</TH></TR><TR><TD>Creation Time</TD><TD>" + new Date(session.getCreationTime())+ "</TD></TR><TR><TD>Time of Last Access</TD><TD>" + new Date(session.getLastAccessedTime()) + "</TD></TR><TR><TD>Number of Previous Accesses</TD><TD>" + accessCount+ "</TD></TR></TABLE>"); out.println(" </BODY>"); out.println("</HTML>"); out.flush(); out.close(); }
2.2SessionInfoServlet.java
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html; charset=utf-8"); PrintWriter out = response.getWriter(); HttpSession session = request.getSession(true); out.println("<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">"); out.println("<HTML>"); out.println(" <HEAD><TITLE>Session Info Servlet</TITLE></HEAD>"); out.println(" <BODY>"); out.print("<H3>Session Information</H3>"); out.print("New Session:" + session.isNew()); out.println("<BR/>Session ID:" + session.getId()); out.println("<BR/>Session Creation Time:" + new Date(session.getCreationTime())); out.println("<BR/>Session Last Accessed Time:" + new Date(session.getLastAccessedTime())); out.println("<H3>Request Information</H3>"); out.println("Session ID from Request:" + request.getRequestedSessionId()); out.println("<BR/>Session ID Via Cookie:" + request.isRequestedSessionIdFromCookie()); out.println("<BR/>Session ID Via rewritten URL:" + request.isRequestedSessionIdFromURL()); out.println("<BR/>Valid Sesion ID:" + request.isRequestedSessionIdValid()); out.println(" </BODY>"); out.println("</HTML>"); out.flush(); out.close(); }
2.3URLSession.java
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html; charset=utf-8"); PrintWriter out = response.getWriter(); HttpSession session = request.getSession(true); out.println("<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">"); out.println("<HTML>"); out.println(" <HEAD><TITLE>Session 追踪</TITLE></HEAD>"); out.println(" <BODY>"); out.print("session id:" + session.getId() + "<br/>"); out.print("from url:" + request.isRequestedSessionIdFromUrl() + "<br/>"); out.print("from cookie:" + request.isRequestedSessionIdFromCookie() + "<br/>"); out.println("<a href=" + response.encodeURL(request.getRequestURL().toString()) + "> test </a><br/>"); out.println("<a href=" + request.getRequestURL().toString() + "> test </a><br/>"); out.println(" </BODY>"); out.println("</HTML>"); out.flush(); out.close(); }