when the browser executes
When the browser executes request.getSession(), the browser will detect whether there is a session, if not, it will create one, and it will return the current one.
request.getSession( false ); The difference from the above is that if there is one, it will return the current Session, and if there is no, it will return null.
When a session is created, a cookie with its own id is sent to the browser with no valid time set.
When the browser visits the website with this cookie, it tells the servlet to look for that session. Since the cookie does not have an expiration time, the browser is closed and the cookie is dead.
When I open the browser servlet, I don't know how to find the session, but the session still exists.
So just rewrite this cookie.
HttpSession session = request.getSession();
session.setAttribute("user", user);
String sessionid = session.getId(); //获取sessionid
Cookie cookie = new Cookie("JSESSIONID", sessionid); //new a cookie, the name of the cookie is JSESSIONID the same as the cookie with id
cookie.setPath(request.getContextPath()); //Set the cookie application scope. getContextPath is to get the name of the current project.
cookie.setMaxAge(60000); //Set the valid time
response.addCookie(cookie);//Use this cookie to overwrite the cookie with id