域
一个完整的、有独立访问路径的功能集合称为一个域。
域信息,有时也称为多级域名。
域以IP、端口、域名、主机名为标准实现划分。
例如百度下的若干个域:搜索引擎(www.baidu.com),百度贴吧(tie.baidu.com),百度知道(zhidao.baidu.com),百度地图(map.baidu.com)等。
跨域
客户端请求的时候,请求服务器的IP、端口、域名、主机名只要有一个相同,都称为跨域。
session跨域
默认情况下session是不能跨域的。
Session跨域就是摒弃了系统(Tomcat)提供的Session,而使用自定义的类似Session的机制来保存客户端数据的一种解决方案。
实现方法的原理
通过设置cookie的domain来实现cookie的跨域传递。在cookie中传递一个自定义的session_id。这个session_id是客户端的唯一标记。将这个标记作为key,将客户端需要保存的数据作为value,在服务端进行保存(数据库保存或NoSQL保存)。这种机制就是Session的跨域解决。
set-cookie虽然在响应头中存在,但是在跨域的时候出于安全考虑,该头会被浏览器忽略,并不会产生真实的cookie。而Cookie 的domain属性设置域之后,那么子域可以访问父域的cookie,而父域不可以访问子域的cookie。可以说cookie的domain访问权限是向下继承的,当然其它域名跨域名访问也是不可以的。
domain设置为b.e.f.com.cn或.b.e.f.com.cn没有区别。
跨域设计的思想也是子域可以访问父域。
session是保存在内存中的,由Session ID取值。session共享是通过cookie.setPath("/")设置。可在同一应用服务器内共享方法,可以在webapp文件夹下的所有应用共享cookie
示例
第一步:新建Maven项目
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
<!-- servlet依赖的jar包start -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>4.0.1</version>
</dependency>
<!-- servlet依赖的jar包start -->
<!-- jsp依赖jar包start -->
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.2</version>
</dependency>
<!-- jsp依赖jar包end -->
<!--jstl标签依赖的jar包start -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<!--jstl标签依赖的jar包end -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>5.2.1.RELEASE</version>
</dependency>
<!-- spring web模块依赖 start -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>5.2.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.2.1.RELEASE</version>
</dependency>
<!-- spring web模块依赖end -->
<!-- JSON处理相关-->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.10.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.10.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.10.1</version>
</dependency>
第二步:配置文件
spring.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc
https://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context https://www.springframework.org/schema/context/spring-context.xsd">
<mvc:annotation-driven/>
<context:component-scan base-package="com.hc"/>
</beans>
springmvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
<!-- 让SpringMVC不拦截静态资源-->
<mvc:default-servlet-handler/>
<!-- 启动自动扫描:使用注解开发,不用配置controller。该句必须有,否则在web.xml的
DispatcherServlet中不能指定springmvc.xml,而必须指定applicationContext.xml -->
<context:component-scan base-package="com.hc.controller"/>
<!-- 视图解析器 ,可以显式设置,也可以不设置,不设置会依据SpringMVC的默认设置-->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/"/>
<property name="suffix" value=".jsp"/>
</bean>
</beans>
app.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<import resource="spring.xml"></import>
<import resource="springmvc.xml"></import>
</beans>
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
id="WebApp_ID"
version="4.0">
<!-- 配置SpringMVC核心控制器:DispatcherServlet主要负责流程的控制。-->
<servlet>
<servlet-name>SpringMVC</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:app.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>SpringMVC</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
第三步:工具类
public class CookieUtils {
/**
* 获取Cookie的值
*
* @param request
* @param cookieName
* @return
*/
public static String getCookieValue(HttpServletRequest request, String cookieName, String encodeString) {
Cookie[] cookieList = request.getCookies();
if (cookieList == null || cookieName == null) {
return null;
}
String retValue = null;
try {
for (int i = 0; i < cookieList.length; i++) {
if (cookieList[i].getName().equals(cookieName)) {
retValue = URLDecoder.decode(cookieList[i].getValue(), encodeString);
break;
}
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return retValue;
}
/**
* 设置Cookie的值 在指定时间内生效, 编码参数(指定编码)
*/
public static void setCookie(HttpServletRequest request, HttpServletResponse response, String cookieName,
String cookieValue, int cookieMaxage, String encodeString) {
try {
if (cookieValue == null) {
cookieValue = "";
} else {
cookieValue = URLEncoder.encode(cookieValue, encodeString);
}
Cookie cookie = new Cookie(cookieName, cookieValue);
if (cookieMaxage > 0) {
cookie.setMaxAge(cookieMaxage);
}
if (null != request) {// 设置域名的cookie
String domainName = getDomainName(request);
System.out.println(domainName);
if (!"localhost".equals(domainName)) {
cookie.setDomain(domainName); //为cookie设定有效域范围
}
}
cookie.setPath("/");//为cookie设定有效的URI范围
response.addCookie(cookie);
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 得到cookie的域名
*/
private static final String getDomainName(HttpServletRequest request) {
String domainName = null;
//获取完整的请求URL地址
String serverName = request.getRequestURL().toString();
if (null == serverName || "".equals(serverName)) {
domainName = "";
} else {
serverName = serverName.toLowerCase();
if (serverName.startsWith("http://")) {
serverName = serverName.substring(7);
} else if (serverName.startsWith("https://")) {
serverName = serverName.substring(8);
}
int end = serverName.indexOf("/");
if (end == -1) {
end = serverName.length() - 1;
}
//www.baidu.com www.xxx.com.cn
serverName = serverName.substring(0, end);
final String[] domains = serverName.split("\\.");
int len = domains.length;
if (len > 3) { // www.xxx.com.cn
domainName = domains[len - 3] + "." + domains[len - 2] + "." + domains[len - 1];
} else if (len <= 3 && len > 1) { // xxx.com or xxx.cn
domainName = domains[len - 2] + "." + domains[len - 1];
} else {
domainName = serverName;
}
}
//domain与端口无关 去掉端口号
if (domainName != null && domainName.indexOf(":") > 0) {
String[] ary = domainName.split("\\:");
domainName = ary[0];
}
return domainName;
}
}
第四步:Controller
@Controller
public class TestController {
@RequestMapping("/fun1")
public String fun1(HttpServletRequest request, HttpServletResponse response){
String cookieName = "global_session_id";
String encodeString = "UTF-8";
String cookieValue = CookieUtils.getCookieValue(request,cookieName,encodeString);
if(null == cookieValue || "".equals(cookieValue.trim())){
System.out.println("cookie不存在,重新生成新的cookie");
cookieValue = UUID.randomUUID().toString();
}
//根据cookieValue访问数据存储,获取客户端数据
CookieUtils.setCookie(request,response,cookieName,cookieValue,0,encodeString);
return "index.jsp";
}
}
第五步,运行项目到tomcat9
打开Windows的hosts文件,在其中添加如下内容:
127.0.0.1 blog.hc.com
127.0.0.1 test.hc.com
127.0.0.1 resume.hc.com
依次在浏览器中打开如下三个网页:
-
http://test.hc.com/ssd/fun1
-
http://resume.hc.com/ssd/fun1
-
http://blog.hc.com/ssd/fun1