I. Technical Session
1) From open a browser to visit a site, to shut down this entire process browser, became a session. This technical session is to record the client's session state data.
2) technology is divided into a session Cookie and Session:
Cookie: data is stored in the client locally , reducing pressure storage server, security is not good, the client can clear the cookie;
Session: storing data to the server , security is relatively good, increasing the pressure on the server;
Two, Cookie Technology
1. The server sends the client a Cookie
1) Create a Cookie:
Cookie cookie = new Cookie(String cookieName,String cookieValue);
Note: Cookie can not be stored in Chinese.
2) Set Cookie persistence time in the client:
cookie.setMaxAge (seconds The int); --- time seconds
Note: If you do not set the persistence time, cookie will be stored in the browser's memory, the browser is closed cookie information destruction (session-level cookie), if you set the persistence time, cookie information will be persisted to the browser's disk file in
3) Set Cookie carrying path:
cookie.setPath(String path);
Note: If you do not set the carry path, then the cookie information will be generated in the path of the cookie to access a web resource where carries cookie information
4) sends a cookie to the client:
response.addCookie(Cookie cookie);
5) delete the cookie on the client:
If you want to remove the client's cookie information already stored, then use the same name as the persistence of time covering the same path as can the cookie 0;
2. The server accepts the client how to carry Cookie
1) get all the Cookie by request:
Cookie[] cookies = request.getCookies();
2) to traverse an array of Cookie, Cookie get what we want by the name of Cookie
for(Cookie cookie : cookies){
if(cookie.getName().equal(cookieName)){
String cookieValue = cookie.getValue();
}
}
Three, Session Technology
1. Session object is obtained
HttpSession session = request.getSession();
* Request.getSession () method internally to determine, whether the client session already exists on the server side;
* If the client session does not exist on this server, it will create a session object;
* If the client exists in the server session acquiring existing return the session (in essence, according to JSESSIONID determine whether the client is a session already exists on the server);
2. How to access data (session is a domain object) to the session
Session data is stored in the object region, the session object also has three methods:
session.setAttribute(String name,Object obj);
session.getAttribute(String name);
session.removeAttribute(String name);
3. The life cycle of the Session object (face questions / pen questions)
Creating the first execution request.getSession (): Creating
destroy:
1) the server (abnormal) closed
2) session expired / disabled (default 30 minutes)
Question: starting point is calculated from the time when 30 minutes?
Never resources to start timing server-side action
Can be configured in the web.xml project
<session-config>
<session-timeout>30</session-timeout>
</session-config>
3) Manual destruction session
session.invalidate();
Range:
The default in one session, that is to say in a session a session object to any public resources