Session
I. Overview
Technical Session : server-side session techniques, sharing data between multiple requests of a session, the data stored in the server-side object (the HttpSession) in.
Second, use the steps
1, to obtain the HttpSession object
You can get the session object according to the request object
HttpSession session = request.getSession();
2, using the HttpSession object
equivalent scope a session also may be used to store and retrieve data.
Object getAttribute(String name)
void setAttribute(String name, Object value)
void removeAttribute(String name)
Three, Session principles
Session realization is dependent on Cookie's.
Schematic:
Four, Session details
1, when the client is closed, the server does not shut down, twice obtaining session whether the same?
If it is not the same object default.
If you need the same, you can create a cookie object with the key JSESSIONID, set the maximum survival time for the cookie persistence save.
Code implementation :
1 Cookie c = new Cookie("JSESSIONID",session.getId());
2 c.setMaxAge(60*60);
3 response.addCookie(c);
2, the client does not shut down after the server is down, get twice the session is the same right?
Not the same, but to make sure that the data session is not lost. tomcat will automatically do the following
(1) session passivating
Prior to shut down the server properly, the session object is serialized to disk.
(2) session activation
After the server is started, the session file into a session object in memory.
3, when the session is destroyed?
(1) when the server is shut down, session object is destroyed
(2) session object calls invalidate (), session automatically destroyed
(3) session default expiration time of 30 minutes. Can be modified in the configuration file web.xml
1 <session-config>
2 <session-timeout>30</session-timeout>
3 </session-config>
Five, Session features
(1) a plurality of times a data request for storing a session of the session, the presence server
(2) session may store any type of data of any size
session and cookie difference:
(1) session data stored on the server side, cookie at the client;
(2) session data it has size limitation, cookie restricted;
(3) session data security, cookie relative insecurity;