Session tracking technology
1 What is the conversation tracking technology
We need to look at what is the conversation! The conversation can be understood as a meeting between the client and the server, in a meeting that may contain multiple requests and responses. For example, you make a phone call to 10086, you are the client, while the server is 10086 service personnel. From the moment the two sides to connect the call, the session began, to either hang up the phone indicates the end of the session. During a call, you can make multiple requests to the 10086, so that multiple requests in a single session.
In JavaWeb, the first client sends a request to a server to start the session began, until the end of the customer closed the browser session.
A plurality of shared data in a session request, which is session tracking technology. In one example, the session request is as follows:
l request Bank Home;
l login request (request parameters are user name and password);
l transfer request (Request parameter associated with the transfer of data);
l credit card payment request (request parameters associated with the payment data).
In this last session of the current user information must be shared in this session, because the login is Joe Smith, Joe Smith then it must be relatively transfers and payments at the time of the transfer and repayment! This shows that we must have the ability to share data in a session.
2 sessions session path technique using Cookie or complete
We know that HTTP protocol is a stateless protocol, which means that each request is independent! State before a request can not be recorded. However, the HTTP protocol can be used to complete the Cookie session tracking!
In JavaWeb, a complete session to session tracking, the underlying session Cookie technology dependent.
Cookie
1 Cookie Overview
1.1 What is Cookie
Cookie translated into Chinese is a small dessert, cookies meaning. In HTTP, it means that the server to the client browser a small dessert. In fact, Cookie is a key and a value constituted, is sent to the server with the response of the client browser. Then the client browser will save up Cookie, next time again to access the server and then the Cookie sent to the server.
Cookie is created by the server, and then sent to a client by responding to the key pair. The client will save Cookie, and will mark the source of Cookie (Cookie which server). When the client makes a request to the server will send all the servers Cookie contained in the request to the server so that the server can identify a client!
1.2 Cookie Specification
L Cookie size is 4KB limit;
l a server save up to 20 Cookie on the client browser;
l a browser save up to 300 Cookie;
The above data is only the HTTP Cookie specification, but in the browser wars of today, some of the browser in order to defeat the opponent, in order to demonstrate their abilities reasons, you might Cookie specification for "extended" some, such as the size of each Cookie is 8KB, You can save up to 500 Cookie and so on! But it may fill your hard drive will not appear!
Note that different browsers is not shared Cookie's. That is when you use IE to access the server, the server will send IE Cookie, and then save the IE up when you access the server using FireFox, IE is not possible to send Cookie saved to the server.
1.3 Cookie and HTTP Header
1. Http agreement with Cookie (understand)
* Cookie HTTP protocol is enacted! First by the server to the browser save Cookie, then the next time the browser requests the server to the last request is returned to the server and then Cookie
* created by the server to the client browser to save one key-value pair! Cookie stored in the server response header: the Set-Cookie: the AAA AAA = the Set-Cookie: = the BBB BBB
> Response.AddHeader ( "the Set-Cookie", "the AAA AAA ="); Response.AddHeader ( "the Set-Cookie", " = the BBB BBB ");
* when the browser requests the server, the server will save Cookie sent with the request to the server. Cookie browser restitution request header: Cookie: = AAA aaa; bbb BBB =
* Http agreement (promise not to give too much pressure on your browser):
> a maximum Cookie 4KB
> 1 save up to 20 servers to a browser a Cookie
> 1 a browser can save up to 300 Cookie
* browser Wars: because the browser competition is very exciting, so many browsers are in violation of the provisions of HTTP within a certain range, but will not let a Cookie is 4GB!
2. Cookie use
* Cookie server uses to keep track of client state!
* Save Cart (shopping cart of goods can not be used to save request, because it is more user sends a request to the server information)
* displays the last login name (also a multiple user requests)
********** Cookie is not cross-browser! ***********
3. JavaWeb used Cookie
* original embodiment (Learn):
> Set-Cookie response header transmitted using Response
> Cookie request header using the request acquisition
* convenient way (Excellent):
> Use repsonse .addCookie () method to save the browser cookie
> use request.getCookies () method to get the browser's cookie to return
the first case of cookie:
> jsp save a cookie, a.jsp
> jsp get another browser cookie returned! b.jsp
<h1>保存cookie</h1>
<%
Cookie cookie = new Cookie("aaa","AAA");
response.addCookie(cookie);
Cookie cookie2 = new Cookie("bbb","BBB");
response.addCookie(cookie2);
%>
<h1>获取Cookie</h1>
<%
Cookie[] cookies = request.getCookies();
if(null != cookies){
for(Cookie cookie:cookies){
out.print(cookie.getValue()+" "+ cookie.getName() +"<br>");
}
}
%>
1.4 Cookie coverage
If the server then send repeated Cookie will overwrite the old Cookie, for example, a first client request sent by the server is Cookie: Set-Cookie: a = A; a second request is sent by the server: Set-Cookie: a = AA, then the client, leaving only a Cookie, namely: a = AA.
2 Cookie's life
2.1 What is Cookie's life
Cookie does not just have name and value, Cookie still life. Life is called Cookie at the effective time of the client, Cookie can be set valid time by setMaxAge (int).
l cookie.setMaxAge (-1): maxAge default cookie attribute value is -1, which survived only in the browser memory. Once you close the browser window, the cookie will disappear.
l cookie.setMaxAge (60 * 60): indicates the cookie object can survive for 1 hour. When life is greater than 0, Cookie browser will be saved to the hard drive, even if you close your browser, even restart the client computer, cookie would survive one hour;
l cookie.setMaxAge (0): cookie life equal to 0 is a special value that represents the cookie is invalid! That is, if the original browser has saved the Cookie, you can delete this by setMaxAge Cookie Cookie's (0). Whether in the browser memory, or hard disk on the client will delete the Cookie.
2.2
Case 2.3: Show the last access time
l create cookies, lasttime called, the current time is added to the response;
l acquisition request lasttime Cookie named in the AServlet;
l If there is no output "is your first time to visit this site", if the output there is "a time of your visit to this site is xxx";
AServlet.java
| public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=utf-8");
Cookie cookie = new Cookie("lasttime", new Date().toString());[崔1] cookie.setMaxAge(60 * 60);[崔2] response.addCookie(cookie);[崔3]
Cookie[] cs = request.getCookies();[崔4] String s = "You are the first to visit this site!"; if(cs != null) {[崔5] for(Cookie c : cs) {[崔6] if(c.getName().equals("lasttime")) {[崔7] s = "Your last visit time is:" + c.getValue (); [Cui 8] } } }
response.getWriter().print(s);[崔9] } |
[Cui 1] Create a Cookie object, called lasttime, is the current time
[CUI 2] Set-Cookie client valid time of 1 h
[Cui 3] was added in response to the Cookie
[Cui 4] acquisition request Cookie
[Cui 5] is present if the request Cookie
[Cui 6] loop through Cookie request
[Cui 7] If the Cookie named lasttime
[Cui 8] set s
[崔9]打印s到响应端
3 Cookie的path
3.1 什么是Cookie的路径
现在有WEB应用A,向客户端发送了10个Cookie,这就说明客户端无论访问应用A的哪个Servlet都会把这10个Cookie包含在请求中!但是也许只有AServlet需要读取请求中的Cookie,而其他Servlet根本就不会获取请求中的Cookie。这说明客户端浏览器有时发送这些Cookie是多余的!
可以通过设置Cookie的path来指定浏览器,在访问什么样的路径时,包含什么样的Cookie。
3.2 Cookie路径与请求路径的关系
下面我们来看看Cookie路径的作用:
下面是客户端浏览器保存的3个Cookie的路径:
a: /cookietest;
b: /cookietest/servlet;
c: /cookietest/jsp;
下面是浏览器请求的URL:
A: http://localhost:8080/cookietest/AServlet;
B: http://localhost:8080/cookietest/servlet/BServlet;
C: http://localhost:8080/cookietest/servlet/CServlet;
l 请求A时,会在请求中包含a;
l 请求B时,会在请求中包含a、b;
l 请求C时,会在请求中包含a、c;
也就是说,请求路径如果包含了Cookie路径,那么会在请求中包含这个Cookie,否则不会请求中不会包含这个Cookie。
l A请求的URL包含了“/cookietest”,所以会在请求中包含路径为“/cookietest”的Cookie;
l B请求的URL包含了“/cookietest”,以及“/cookietest/servlet”,所以请求中包含路径为“/cookietest”和“/cookietest/servlet”两个Cookie;
l B请求的URL包含了“/cookietest”,以及“/cookietest/jsp”,所以请求中包含路径为“/cookietest”和“/cookietest/jsp”两个Cookie;
3.3 设置Cookie的路径
设置Cookie的路径需要使用setPath()方法,例如:
cookie.setPath(“/cookietest/servlet”);
如果没有设置Cookie的路径,那么Cookie路径的默认值当前访问资源所在路径,例如:
l 访问http://localhost:8080/cookietest/AServlet时添加的Cookie默认路径为/cookietest;
l 访问http://localhost:8080/cookietest/servlet/BServlet时添加的Cookie默认路径为/cookietest/servlet;
l 访问http://localhost:8080/cookietest/jsp/BServlet时添加的Cookie默认路径为/cookietest/jsp;