If a piece of data is passed between n pages, we can implement it through Parameter, but make sure that each link does not go wrong. To this end, JavaWeb provides us with technologies for sharing data, namely Cookie and Session.
Cookie
This is a shared data technology on the browser side!
Cookie is a client-side technology, and the program writes each user's data to the user's browser in the form of a cookie. When users use a browser to access web resources in the server, they will bring their own data. In this way, the web resource handles the user's own data.
Cookie principle
1: Create a Cookie object.
Cookie cookie = new Cookie(String name,String value);
参数:
name: 该当前Cookie取一个唯一的名字.
value: 存储在Cookie的共享数据,只能是String类型.
Cookie cookie = new Cookie("currentName","will");
2: Put the cookie into the response, respond to the browser, and store the shared data in the browser.
response.addCookie(cookie);
3: Get the cookie and get the data in the cookie. Because the cookie exists in the request header, it should be obtained through the request.
Cookie[] cs = req.getCookies();
Get the name of the current cookie: String name = cookie object.getName();
Get the value of the current cookie: String value= cookie object.getValue();
4. The problem of Chinese encoding:
//存中文
Cookie cookie=new Cookie("account", URLEncoder.encode(account,"UTF-8"));
//取中文
account = URLDecoder.decode(cookie.getValue(),"UTF-8");
5: Modify the attribute value of the specified attribute name in the cookie.
Requirements: Modify Cookie cookie = new Cookie("currentName", "will");
* Method 1: Create a new Cookie with the same name.
Cookie c = new Cookie("currentName","Lucy");
Method 2: Get the Cookie object and reset the new value through the setValue method.
Cookie对象.setValue("新的值");
6. Set the sharing scope of cookies: If the url-pattern of one servlet is /abc/xxx and the url-pattern of another servlet is /cde/xxx, then they cannot share data. But we can set uniform shared path:
cookie.setPath("/");
If you want to share cookies in different second-level domain names, you need to set the cookie's domain. For example: music.baidu.com, map.baidu.com, tieba.baidu.com, their domain names are different, but Baidu wants to share cookies between them, so it is necessary to set the domain:
cookie.setDomain("");
7. Set the lifetime of the cookie:
//默认情况下的存活的时间是 当浏览器关闭后 共享的数据就没了
//当cookie存活时间为正数的时候 说明存活几秒
//当cookie存活时间为0的时候 说明马上失效 此操作可以在用户注销的时候使用
//当cookie存活时间为负数的时候 就是会话Cookie
cookie.setMaxAge(-1);
8. Defects of Cookie:
1): When multiple people use the same computer, they can view the cookie of the browser, which is not safe.
2): Cookie is more troublesome to store Chinese (encode and then decode).
3): Cookie value It is a String type, a cookie can only store one data, if you need to store multiple data, you have to have N cookies.
4): A site has restrictions on cookies: the
cookie size is limited to 4KB;
a server A maximum of 20 cookies can be saved on a client;
a browser can save a maximum of 300 cookies;
Session
Session is a server-side technology. Using this technology, the server can create an exclusive session object for each user's browser at runtime. Since the session is exclusive to the user's browser, when the user accesses the server's web resources, You can put your own data in your own session.
1: Create and get the Session object.
HttpSession session = request.getSession(true);如果当前请求中存在一个Session对象,就直接返回,如果不存在Session对象,就先创建一个再返回.
HttpSession session = request.getSession(false);如果当前请求中存在一个Session对象,就直接返回,如果不存在Session对象,就返回null.
HttpSession session = request.getSession();等价于HttpSession session = request.getSession(true);
2: Store data in the Session.
session对象.setAttribute(String name,Object value);
3: Get data from Session.
Object value = session对象.getAttribute(String key);
4: Delete Session (user logout and login).
1):删除Session中指定属性名的值.
session对象.removeAttrbute("currentName");
2):销毁Session对象(Session中所有的属性都不存在).
session对象.invalidate();
5. Session timeout management
在超时时间之内,如果客户端和服务端没有交互(用户的两次操作之间不能超过该时间),则自动的销毁Session.
session对象.setMaxInactiveInterval(60 * 10);//超过10分钟,销毁Session.
The default timeout of the Tomcat server is: 30 minutes, and Tomcat is generally destroyed in more than 20 minutes. We can also set the timeout in web.xml
<!-- 浏览器与服务器两次交互的时间超过1分钟 则会删除Session -->
<session-config>
<session-timeout>1</session-timeout>
</session-config>
6. URL rewriting.
Session is a special cookie, and browsers can disable cookies. In this case, you need to manually carry the session ID after each resource.
/session/list;jsessionid=872870F9466CE7B3A11FD3B768FDD684
String url = response.encodeURL("/session/list");
自动的在资源之后拼接;jsessionid=872870F9466CE7B3A11FD3B768FDD684
Note: The acceptance of cookies will not be cancelled during development.
7. Session details:
1: Generally, the attribute name we store in the Session must be unique, we are used to XXX_IN_SESSION: