【Cookie和Session】

One, four domain object corresponding to object

Domain Objects	Objects	Scope
ServletContext	application	The entire web project, multiple servlet can share data.
Session	session	Conversation
Request		Once the request chain
PageContext	PageContext	The current page.

Note: From the top down, the role range from big to small.

Two, cookie and session  

1.cookie             

Overview:

Cookie, browser technology to save user data.

use:

Create, new Cookie objects on the server side, sent to the browser response.

// 创建 Cookie          Cookie cookie = new Cookie("username", "tom");          Cookie cookie2 = new Cookie("Time", System.currentTimeMillis()+"");         Cookie cookie3 = new Cookie("username", "jack");         // add more Cookie          response.addCookie (the cookie);          response.addCookie (Cookie2);         // cookie3 with the same name as the cookie key          response.addCookie (cookie3); // Note: If the key is repeated when the response is more, the last saved browser value.

Request, the browser cookie will be submitted to the server

// Get an array of cookie Cookie [] cookies = request.getCookies () ; System.out.println(cookies); // loop through the array for (Cookie cookie: Cookies) {      System.out.println (cookie);      // get the name and the cookie value       System.out.println (cookie.getName () + "== " + cookie.getValue () ); }

cookie settings

Time: The default browser cookie is closed, the end of a session disappears by setMaxAge (second) seconds value life time.

// 创建       Cookie c  =   new Cookie("time" , System.currentTimeMillis()+"" );      // set the time        c.setMaxAge (60); // 60 seconds one minute        // added to the Response        response.addCookie (C);

Path: The default is the current web application cookie current application generates Cookie, other resources will be submitted access applications.

setPath (path) by setting the path for the cookie screening.

// 设置 cookie          Cookie cookie = new Cookie("password" , "abcdef");          // 设置 cookie 路径          cookie.setPath("/web11/aaa");          response.addCookie(cookie); // 注意 : 路径写成 绝对路径, /web11  开始

删除Cookie

// 创建  Cookie          Cookie username = new Cookie("username", "");         //1. 设置时间为0          username.setMaxAge(0);          //  2.路径一致 ,默认路径可以省略                  // 3. 响应携带          response.addCookie(username);

2.Session

概述 :

Session, 服务器保存用户数据的技术

使用 :

获取session , 依靠request的getSession . Session 对象服务器创建 , 通过 request获取,

当getSession 方法时, 判断请求中,是否有JSESSIONID, 如果没有,必然创建新的session .

如果有JSESSIONID ,通过id查询对应Session ,找到了就返给你, 找不到 创建新的session .

代码演示：

存储数据        // 获取Session          HttpSession session = request.getSession();         // 保存数据          session.setAttribute("username" , "tom"); 获取数据        // 获取 session         HttpSession session = request.getSession();        // 获取  数据 ,通过 key 获取value          Object username = session.getAttribute("username");        System.out.println(username);

session持久化

依靠cookie生命的延长 , 保证 JSESSIONID 存在 ,所以 可以 关闭浏览器,依然访问Session

     

session持久化         // 1. 获取 session         HttpSession session = request.getSession();        // 2. 获取 JSESSIONID         String id = session.getId();         System.out.println(id);        // 3. 把 id 保存 一个 Cookie中  , 键 名称 必须 JSESSIONID         Cookie c = new Cookie("JSESSIONID", id);        // 4. 设置时间        c.setMaxAge(60 * 60 );        // 5.  response 响应 到浏览器        response.addCookie(c);

cookie和session区别

	cookie	session
保存位置	浏览器	服务器
数据类型	String	对象
安全行	不安全	安全