The concept of session built-in objects
Session object: In
Web applications, a session refers to a series of interactions between a user's browser and a server through a series of requests and responses within a period of time. In a session, the user can access a variety of resources in the Web application system, including web pages.
When the user (browser) sends the first request to the web application server, the server will create a uniquely identified session for the user, and the session will continue until the end of the visit (the browser is closed or the user does not access the web application for a long time). JSP uses the session object to represent the session, that is, the information is stored in the session object, so that the user can get it at any time in this session.
Closing the browser just interrupts the connection with the Web server, but the session object still exists on the server side. If the time expires , the Web server deletes it . If the server shuts down normally , the object is serialized into the SESSIONS.ser file, and the server is restarted, and the session object in the file is deserialized again.
session operating mechanism
1. When the user (browser) sends the first request to the Web application server, if the request header does not contain the sessionID (session unique identifier), the server will create a new session for the client and generate a session with this client. Corresponding sessionID, and then return the sessionID to the client with this response;
2. When the user (browser) sends a request to the Web application server again, and the request header contains the sessionID, the server will first find the corresponding session through the sessionID to determine that the client is accessing the server. At this time, the sessionID will not follow This response is returned to the client; if the session is deleted by the Web server due to its duration, a new session will be created and a sessionID corresponding to this session will be generated, and then the sessionID will be returned to the client with this response ; If the client does not disable cookies, the client uses cookies to save the sessionID. If the cookie is disabled, it will be automatically converted to URL-rewriting (URL rewriting, URL contains sessionID) technology.
Common methods of session
setAttribute: Set the parameter value of the specified name; the object saved in the session is saved to the corresponding directory of the work folder (Tomcat installation root directory\work\Catalina\localhost\XXX) when the Tomcat server is shut down normally (closed by shutdown.bat), It will be reused with the startup of Tomcat.
getAttribute: get the value of the specified attribute, if the attribute value does not exist, return null;
removeAttribute: delete an attribute in the session
getId(): get the sessionID
isNew(): whether each request will generate a new session object
setMaxInactiveInterval(): Set the effective time of the session object after the operation is stopped.