JavaWeb-Servlet service connector (final)

Previous articleJavaWeb -Servlet Service Connector (3)_Alphamilk's Blog-CSDN Blog

Table of contents

1. Servlet Context Communication

Concept: represents the entire web application and is used to communicate with the server

This object can be obtained by

method	describe
`request.getServletContext()`	Returns the Servlet context object associated with a given request.
`this.getServletContext()`	Returns the context object of the current Servlet. It is a method inherited automatically by the servlet class and can be called directly in the current servlet.

The obtained object can realize the following functions

Get the MIME type (file type used in Internet communication)

method	describe
`request.getServletContext().getMimeType(String file)`	Returns the MIME type of a given file. Can be invoked with the request's Servlet context object, passing in a file path or file name as an argument.
`this.getServletContext().getMimeType(String file)`	Returns the MIME type of a given file. It can be called directly in the current Servlet, passing in the file path or file name as a parameter.

Common MIME Types

MIME type	describe
text/plain	Plain Text
text/html	HTML document
text/css	css style sheet
application/json	JSON data
application/xml	XML data
application/pdf	Adobe PDF documents
application/msword	Microsoft Word document
image/jpeg	JPEG image
image/png	png images

Case code:

package com.company;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/ContextDemo")
public class ServletContextdemo extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//        定义文件名
        String filename = "javaWeb.jpg";

//      通过request创建对象
        ServletContext context = req.getServletContext();
//        通过HttpServlet本身的方法创建ServletContext
        ServletContext context1 = this.getServletContext();
//        获取文件名的mimeType类型
        String mimeType = context.getMimeType(filename);
        System.out.println("FileName:"+filename+" MIMEType:"+mimeType);
    }
//    方法统一
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

2. Domain objects (implementing shared data)

Achieved by

method	describe
`setAttribute(String name, Object obj)`	Bind the given name and object in the current scope (such as servlet context, session or request).
`getAttribute(String name)`	Returns the object associated with the given name, or null if not found.
`remove(String name)`	Removes the property with the given name from the current scope and returns the value of the removed property, or null if not found.

Case code:

Set shared variable class

package com.company;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/Contextdemo3")
public class Contextdemo3 extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        ServletContext context = this.getServletContext();
//        创建共享变量
        context.setAttribute("msg","HelloWorld");
        System.out.println("访问ContextDemo3");
    }
//    方法统一
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

Get shared variable class

package com.company;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/Contextdemo4")
public class Contextdemo4 extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        ServletContext context = this.getServletContext();
//        获取共享变量
        Object msg =context.getAttribute("msg");

        System.out.println("访问ContextDemo4");
//        如果消息可以进行转型字符串则转型为字符串
        if (msg instanceof String){
            System.out.println((String) msg);
        }
    }
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

3. Get the real path of the file

method name	describe
getRealPath(String path)	Get the real path of the resource in the server file system under the specified path

Case code:

Just take javaWeb.jpg as an example to find its location in the server

package com.company;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/ContextDemo2")
public class ContextDemo2 extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//        使用HttpServlet创建对象
        ServletContext context = this.getServletContext();
//        通过相对于部署的 Web 应用程序的根目录的路径来获取真实路径
        String realpath = context.getRealPath("/src/javaWeb.jpg");
        System.out.println("在服务器中存放的路径是:"+realpath);
    }
//        方法统一
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

By comparison, it can be found that it is indeed in this position

The cookie is the session data of the client, and the data is saved to the client browser, which can save some unimportant information, such as the shopping cart website, if the browser is closed when the shopping item is selected, if there is no cookie technology, it will Lost purchase records, need to re-shopping.

Creation, setting and acquisition of cookies

method name	describe
`Cookie(String name, String value)`	Creates a new Cookie object with the given name and value
`response.addCookie(Cookie cookie)`	Add the specified cookie to the response
`response.getCookies()`	Get all the cookies contained in the response and return them as an array

Cookie lifecycle

Each cookie has a certain life cycle, and it will be invalid when it exceeds the valid time. By default, the cookie creation life cycle will be invalid until the client's browser is closed, and if there is no invalidation, too many cookies will be deleted. Saving it in the browser will cause a lot of resource usage. The life cycle can be controlled by the following methods

method name	describe
`setMaxAge(int seconds)`	Set the maximum time to live (in seconds) for the cookie.
	- When `seconds`is 0, it means that the cookie will expire immediately and be deleted from the client.
	- When `seconds`is a negative number, it means that the cookie is a session cookie, which is only valid during the user session and will be deleted after closing the browser.
	- When `seconds`greater than 0, it means that the cookie will expire after the specified number of seconds.

Example code for creating cookies:

Set the cookie class (case scenario: when you successfully log in to some websites, grant cookies to record user operations)

package com.company;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/CookieDemo1")
public class CookieDemo1 extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//        创建一个Cookie表示购物袋中有一辆兰博基尼,并且传入多个cookie
        Cookie cookie = new Cookie("shoppingMap","Lamborghini");
        Cookie cookie1 = new Cookie("login-id","1234");
//        第一个保留七天数据，第二个默认处理
        cookie.setMaxAge(60*60*7);
        resp.addCookie(cookie);
        resp.addCookie(cookie1);
    }
//    方法统一处理
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

Access the Cookie class

package com.company;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/CookieDemo2")
public class CookieDemo2 extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        Cookie cookies[] = req.getCookies();
//        输出所有的Cookie数据
        for (Cookie c:cookies) {
            String name = c.getName();
            String value = c.getValue();
            System.out.println("CookieName:"+name+" CookieValue:"+value);
        }
    }
//    统一方法处理
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

View sent packets:

The characteristics and functions of cookies

Features:

The content of the cookie is stored on the client's browser
The browser has a limit on the size of a single cookie, and there is also a limit on the number of cookies on the same domain name

effect:

Cookies are often used to store small amounts of less sensitive data
In the case of not logging in, the server can identify the user

Note: cookies should not be used to record the unique identifier of the user's login, because if someone logs in to the relevant website by forging the cookie (such as sql injection, or external csrf bypass) and illegally modifies the user's information, cause loss

2.Session

Seesion is also a server session technology, but compared with Cookie, its data is saved in the server. Generally used to identify and track user status information.

Session creation and use

method	describe
`HttpSession session = request.getSession()`	Create or get the HttpSession object of the current request, or create a new one if it does not exist.
`session.getAttribute(String name)`	Get the property value of the specified name and return a value of type Object.
`session.setAttribute(String name, Object value)`	Set the attribute value of the specified name, and store the value of Object type in the Session.
`session.removeAttribute(String name)`	Removes the property value with the specified name.

Case code: create session object and assign value

create class

package com.company;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebServlet("/SessionDemo1")
public class SessionDemo1 extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//        创建Session
        HttpSession session = req.getSession();
        session.setAttribute("用户name","AlphaMilk");
        System.out.println("设置session成功");
    }
//    方法统一
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

Get the session class:

package com.company;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;

@WebServlet("/SessionDemo2")
public class SessionDemo2 extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//        告诉浏览器服务器的编码方式是utf-8
        resp.setHeader("content-type","text/html;charset=utf-8");
//        获取请求头的session对象
        HttpSession session = req.getSession();
//        创建输出流，将session内容输出到浏览器中
        PrintWriter writer = resp.getWriter();
        writer.write("<h1>欢迎用户"+session.getAttribute("用户id")+"</h1>");
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

The problem arises: If the client browser is accidentally closed, the session obtained by opening the browser again will be a different object. So how to solve this problem?

The implementation of Session usually relies on Cookie. Every time a Session is created, a corresponding Cookie is generated, which contains an identifier called JSESSIONID, which is used to uniquely identify the Session object.

When the client initiates a request, the browser will automatically carry the cookie to the server, and the server can find the corresponding Session object by parsing the JSESSIONID in the cookie, thereby realizing state maintenance and user identity identification.

Implement session persistence

The essence of the solution is to create an identical cookie with JSESSIONID and value

Case code:

package com.company;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebServlet("/SessionDemo3")
public class SessionDemo3 extends HttpServlet{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//        创建session对象
        HttpSession session = req.getSession();
//        创建对应的cookie对象
        Cookie cookie = new Cookie("JSESSIONID",session.getId());
//        设置生命周期
        cookie.setMaxAge(60*60);
        resp.addCookie(cookie);
//        获取session对象的id
        System.out.println(req.getSession().getId());
    }
//    实现方法统一
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        this.doPost(req, resp);
    }
}

Get it for the first time and then close the browser to get the id again

Session destruction

server down
session calls invalidate()
Session modifies the default expiration time

The default expiration time of the session is 30 minutes. If you want to modify it, you need to set it in the total web.xml configuration of the project

<session-config>
    <session-timeout>30</session-timeout>
</session-config>

JavaWeb-Filter filter_Alphamilk's Blog-CSDN Blog