JavaWeb of session
Session is a server-side technology
Using this technique, you can create a session object which is exclusive for each user's browser to the server is running, due to the user's browser session is exclusive, so users access the web server resources, can put their data in each session, the user again when accessing other web server resources, then other web resources to retrieve data from the user session for the respective service users.
Session principles
Session Cookie itself based on the use of Cookie wrote back a JSESSIONID (JSESSIONID server is a unique identifier for each session created)
- Request.getSession by calling (); acquisition session, session gamut: a session (multiple requests.).
session is cookie-based, cookie if the client is disabled, how to track session?
You can manually spell on the request parameters? Jsessionid = 44A7AAEB8A1547815F6E37EFC0684C8C
Or use the url rewrite, encodeURL, encodeRedirectURL but this method is not recommended because the url to rewrite all the more trouble
You can also use a hidden form field method
Session object is created and destroyed
Server-side first call getSession () method when creating the session object!
Session destruction:
Server was abnormally shut down! Server is shut down under normal session will be serialized .work path, and then will start to disappear deserialized
Manual destroy session call session.invalidate ()
session expired (the default time of 30 minutes with a suburb, may be modified in web.xml tomcat)
Session Case
Session verification code used to verify
When required to generate the verification code, the verification code of four characters stored in the session.
Session simple shopping cart
To close the browser, the information is still shopping, JSESSIONID need to write back to the browser via a cookie
HttpSession session = request.getSession(); String sessionId = session.getId(); Cookie cookie = new Cookie("JSESSIONID", sessionId); cookie.setMaxAge(60*60); response.addCookie(cookie);
Redis practical application may be combined, in the session in redis, (shots from redis replication)
Session is a server-side technology
Using this technique, you can create a session object which is exclusive for each user's browser to the server is running, due to the user's browser session is exclusive, so users access the web server resources, can put their data in each session, the user again when accessing other web server resources, then other web resources to retrieve data from the user session for the respective service users.
Session principles
Session Cookie itself based on the use of Cookie wrote back a JSESSIONID (JSESSIONID server is a unique identifier for each session created)
- Request.getSession by calling (); acquisition session, session gamut: a session (multiple requests.).
session is cookie-based, cookie if the client is disabled, how to track session?
You can manually spell on the request parameters? Jsessionid = 44A7AAEB8A1547815F6E37EFC0684C8C
Or use the url rewrite, encodeURL, encodeRedirectURL but this method is not recommended because the url to rewrite all the more trouble
You can also use a hidden form field method
Session object is created and destroyed
Server-side first call getSession () method when creating the session object!
Session destruction:
Server was abnormally shut down! Server is shut down under normal session will be serialized .work path, and then will start to disappear deserialized
Manual destroy session call session.invalidate ()
session expired (the default time of 30 minutes with a suburb, may be modified in web.xml tomcat)
Session Case
Session verification code used to verify
When required to generate the verification code, the verification code of four characters stored in the session.
Session simple shopping cart
To close the browser, the information is still shopping, JSESSIONID need to write back to the browser via a cookie
HttpSession session = request.getSession(); String sessionId = session.getId(); Cookie cookie = new Cookie("JSESSIONID", sessionId); cookie.setMaxAge(60*60); response.addCookie(cookie);
Redis practical application may be combined, in the session in redis, (shots from redis replication)