Detailed Explanation of Session Session Technology

Enterprise 2023-06-04 19:42:55 views: null

Session

foreword

本文详细介绍了会话技术Session

1. Simple learning of JSP

1.1 Concept:

Java server Pages: java server-side pages
- can be understood as: a special page, in which both html tags and java codes can be specified and defined to simplify writing!!!

1.2 Principle

JSP is essentially a servlet

1.3 JSP script: the way JSP defines Java code

  1. <% code %>: defined java code, in the service method. What can be defined in the service method, what can be defined in the script.
  2. <%! Code%>: The defined java code, in the member position of the java class converted by jsp.
  3. <%=code%‰>: The defined java code will be output to the page. What can be defined in the output statement, what can be defined in the script.
  4. JSP's built-in objects:
    • Objects that can be used directly without acquisition and creation in jsp pages
    • jsp has a total of 9 built-in objects.

1.4 JSP instruction

  • Role: used to configure] SP page, import resource files
  • Format:
    <%@ Refers to the name attribute name 1 = attribute value 1 attribute name 2 = attribute value 2 ... %>
    classification:
  1. page: Configure the JSP page
  2. include: Included by the page. Import page resource files
  3. taglib: import resources

1.4.1 page directive

  • contentType : equivalent to response.setcontentType()
    • Set the mime type and character set of the response body
    • Set the encoding of the current jsp page (only advanced IDEA can take effect, if you use low-level tools, you need to set the pageEncoding property to set the character set of the current page)
  • import : guide package
  • errorPage : When an exception occurs on the current page, it will automatically jump to the specified error page
  • isErrorPage : Identifies whether the current page is an error page.
    • true: Yes, the built-in object exception can be used.
    • false : no. Defaults. The built-in object exception cannot be used.

1.4.2 Notes

<%----%>: can comment all

1.5 Built-in objects (implicit objects)

1. request
2. response
3. out:: character output stream object. Data can be output to the page. Similar to response.getwriter()

  • The difference between response.getWriter() and out.write():
    • Before the tomcat server actually responds to the client, it will first find the response buffer data, and then find the out buffer data.
    • response.getwriter() data output is always before out.write().

4、

insert image description here

2. State management Session session technology (interview) server

2.1 Session

2.1.1 What is Session (session)?

  • Concept: server-side session technology, sharing data between multiple requests in a session, and saving data in objects on the server side.

  • When a browser accesses the Web server, the server will allocate space for each browser in the server-side memory, and create a Session object separately. This object has an ld attribute with a unique value, generally called SessionId, and the server will use this SessionId (using Cookie method) is sent to the browser; when the browser accesses the server again, it will send the SessionId to the server, and the server can find the corresponding Session object based on SessionId.

2.1.2 Quick Start

  • Steps:
    1. Get the Httpsession object:
    Httpsession session = request.getsession();
    2. Use Httpsession object:
    object getAttribute(string name)
    void setAttribute(string name, object value)
    void removeAttribute(string name)I

2.1.3 Session working principle

  • session is implemented by relying on cookie.

  • How does the server ensure that in one session, the Session object obtained multiple times is the same?
    insert image description here

2.1.4 session usage details

1. When the client is closed and the server is not closed, is the session obtained twice the same?

  • by default. no.
    • If you need to be the same, you can create a cookie, the key is "SESSIONID, set the maximum survival time, and make the cookie persistent.
cookie c = new Cookie( "JSESSIONID",session.getId());
c.setMaxAge(60*60);
response.addcookie(c);

2. The client is not closed. After the server is closed, is the session obtained twice the same?

  • Not the same, but make sure the data is not lost (tomcat has already done it for us)

  • Passivation of session:

    • Serialize the session object to disk before the server shuts down normally

  • Session activation:

    • After the server starts, just convert the session file into a session object in memory.
      (tomcat)

3. When is the session destroyed?

1. The server is shut down.
2. The session object calls invalidate().
3. The default session expiration time is 30 minutes

2.1.5 session features

  • The characteristics of the session

    1. session is used to store the data of multiple requests for one session, which exists on the server side
    2. Session can store data of any type and size

  • The difference between session and cookie:

    1. Session stores data on the server side, and cookies on the client side.
    2. Session has no data size limit, but Cookie has
    3. Session data is safe, and cookies are relatively insecure

2.1.6 session authentication

When users access resources that need to be protected, they can use Session authentication to ensure their security. For example, resources that require login before they can be accessed implement Session authentication. Follow the steps below

  • 1. Use Session.setAttribute () to bind data first.
  • 2. Use Session.getAttribute( ) to read the binding value, if not, jump back to the login page.

2.1.7 Session code case

package com.qst.servlet;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SessionServlet extends HttpServlet {
    
    
	private static final long serialVersionUID = 1L;

	public void service(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
    
    
		request.setCharacterEncoding("UTF-8");
		response.setContentType("text/html;charset=utf-8");
		//当参数为false时,有session对象返回session对象,无Session对象返回null
		 //HttpSession session=request.getSession(false);
		 当参数为true时,有session对象返回session对象,无Session对象时创建一个新session对象返回。
		// HttpSession session2=request.getSession(true);
		 //request.getSession(true)等价于request.getSession()。
		 HttpSession session=request.getSession();
		 //设置Session生存时间
		 session.setMaxInactiveInterval(3);
		 System.out.println(session.getId());
		  PrintWriter out=response.getWriter();
		  out.println(session.getId()+"<br/>");
		 //删除Session对象
		 // session.invalidate();
		 
	}

}

Guess you like

Origin blog.csdn.net/qq_45821255/article/details/125441746
Recommended
LFOSSA Yuanlaisusu Open Course | Mastering the Cloud Native Future: Comprehensive Guide to CNCF Certification and Exam Preparation Tips
Ranking
C++ Basic Syntax
bootstrapTable hides a column based on a condition
Why is reentrant lock recommended instead of Synchronized when dynamic high concurrency?
hexo create a blog
[Fully open source and non-encrypted version] Imitation of the eighth district distribution/online signature/multiple sets of download templates/APP distribution hosting/APP packaging and packaging
Polymerization combination
https://www.flysnow.org/2017/05/06/go-in-action-go-log.html
From the perspective of Flutter and the front-end, talk about how to ensure UI fluency under the single-threaded model
nginx-301, 302 redirect
Geolocation by IP Address in ASP.NET
Daily
More
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)
2024-04-17(31)

Code World

© 2018 codetd.com