The user opens a browser, clicks on multiple hyperlinks to access the web resources of the server, and then closes the browser. The whole process is called a session ;
Reasons for using conversational technology : each user interacts with the server and will generate their own data; the program wants to save these data, it must use conversational technology;
Second, the realization principle of conversation technology
1. Classification of conversation technology
Cookie technology is a client-side technology. The program saves each user's data in the form of cookies to their respective browsers; when the user uses the browser to access the web resources in the server again, they will bring their respective data in the past;
Session Technology Session is a server-side technology. The server creates an exclusive Session object for each user's browser when it is running; when a user accesses the server, they can put their data in their own session, and when the user accesses the server again Other web resources will take out data from the user’s respective session to serve the user;
2. The realization principle of conversation technology
Cookie
1. Classification of Cookies
The default level of cookies does not have a valid time cookie; by default, as long as the browser is closed, the cookie will be destroyed; (the cookie exists in the browser's memory);
Persistent cookies have a valid time cookie; the content of this cookie is not stored in the browser's memory; (the content of the cookie is saved on the hard disk); close the browser, and the browser will load the file on the hard disk when it is opened again. Cookie data will not be lost;
2. Overview of Cookie API
1. Construction method
Cookie(String name, String value)
2. Other methods
getName() How to get the name of the cookie
getValue() How to get the value of Cookie
setDonain(String pattern) Get the valid domain name of the cookie
setPath(String uri) Set the effective path of the cookie
setMaxAge(int expiry) Set the effective duration of the cookie
3. Cookie usage details
A cookie can only have one type of identification information, and at least one name and value to identify the information;
A web site can send multiple cookies to a browser; a web browser can store cookies from multiple web sites;
The size and number of cookies stored in the browser are limited ;
If a cookie is created and sent to the browser, it is a session-level cookie by default ;
Session
1. Overview of Session
1. What is a Session
Session is called a session. Cookie saves the private data generated by the user to the browser side , and Session saves the private data generated by the user to the server side ;
A browser exclusively owns a Session object;
When saving user data, the server program can write the user data to the Session object. When the user uses the browser to access other programs, other programs can retrieve the user's data from the user's session to serve the user;
2. Why there is a Cookie and a Session
Cookie
Session
The saved data is limited in size and quantity
No limit on number and size
The data is saved on the client browser (not very secure)
Data is stored on the server (relatively safe)
3. How Session saves user data
The Session object is created by the server, and developers can call the getSession method of the request object to get the Session object;
Second, the principle of Session
How does the server implement a session to serve a user's browser?
The realization principle of Session : Based on Cookie , a Session ID is written back based on Cookie;
3. Session accesses data as a domain object
1. Session as a domain object API
setAttribute(String name, String value) Save data to the session
getAttribute(String name) Get data from the session field
removeAttribute(String name) Remove data from the session field
2. The scope of the Session as a domain object
Session as a domain object, its scope is the scope of a session ;
A session refers to the process from when the user opens the browser and clicks on multiple hyperlinks, accesses server resources, and finally closes the browser;
Summary of Servlet's data access scope
Request scope (ServletRequest)
Session scope (HTTPSession)
Application scope (ServletContext)
When to create
When the user sends a request to the server, the server creates a request object
Created when the server side calls the getSession() method for the first time
Created when the server starts, a separate ServletContext object is created for each web project
When to destroy
When the server responds to this request, the server will destroy the request object
Three situations: ①Session expires, the default expiration time is 30 minutes; ②The server is shut down abnormally; ③The session.invalidate() is called manually;
When the server is shut down, or when the project is removed from the server