JavaWeb中的Cookie和Session解读
更新时间:2023年10月18日 08:55:26 作者:Neo丶
这篇文章主要介绍了JavaWeb中的Cookie和Session解读,Cookie是servlet发送到Web浏览器的少量信息,该信息由浏览器保存,然后发送回服务器,一般情况下,Cookie是以键值对进行表示的,Cookie的值可以唯一地标识客户端,因此Cookie常用于会话管理,需要的朋友可以参考下
Cookie
Cookie是servlet发送到Web浏览器的少量信息,该信息由浏览器保存,然后发送回服务器。一般情况下,Cookie是以键值对进行表示的(key-value),Cookie的值可以唯一地标识客户端,因此Cookie常用于会话管理。servlet通过使用HttpServletResponse#addCookie方法将cookie发送到浏览器,该方法将字段添加到http响应头,以便一次一次地将cookie发送到浏览器,每个Cookie的大小限定为4kb。
创建Cookie
客户端没有Cookie -> 服务器创建Cookie -> 通知客户端保存Cookie -> 通过响应头Set-Cookie通知客户端保存Cookie(Set-Cookie:key=value) ->客户端收到响应后发现set-cookie响应头,查看有没有Cookie,如果没有就创建如果有就修改。
package com.pero.servlet.cookie_session;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
import java.lang.reflect.Method;
public abstract class BaseServlet extends HttpServlet {
protected void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void delete(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void update(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request,response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
String action = request.getParameter("action");
try {
Method method = this.getClass().getDeclaredMethod(action, HttpServletRequest.class, HttpServletResponse.class);
method.invoke(this,request,response);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}package com.pero.servlet.cookie_session;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class CookieServlet extends BaseServlet {
protected void createCookie(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//创建Cookie
Cookie cookie = new Cookie("key","value");
//通知客户端保存
response.addCookie(cookie);
response.getWriter().write("Cookie创建成功");
}
}<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="Expires" content="0" />
<meta http-equiv="content-type" content="text/html;charset=UTF-8">
<title>Cookie</title>
<base href="http://localhost:8080/cookie_session/" rel="external nofollow" rel="external nofollow" >
<style type="text/css">
ul li{
list-style: none;
}
</style>
</head>
<body>
<iframe name="target" width="500" height="500" style="..."></iframe>
<div style="...">
<ul>
<li><a href="cookieServlet?action=createCookie" rel="external nofollow" target="target">Cookie的创建</a></li>
<li><a href="cookieServlet?action=getCookie" rel="external nofollow" target="target">Cookie的获取</a></li>
<li><a href="cookieServlet?action=updateCookie" rel="external nofollow" target="target">Cookie值的修改</a></li>
<li>Cookie的存活周期</li>
<li>
<ul>
<li><a href="cookieServlet?action=defaultLifeCookie" rel="external nofollow" target="target">Cookie的默认存活时间(会话)</a></li>
<li><a href="cookieServlet?action=deleteNowCookie" rel="external nofollow" target="target">Cookie立即删除</a></li>
<li><a href="cookieServlet?action=life5Cookie" rel="external nofollow" target="target">Cookie存活5秒</a></li>
</ul>
</li>
<li><a href="cookieServlet?action=pathCookie" rel="external nofollow" target="target">Cookie的路径设置</a></li>
<li><a href="" target=" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target">Cookie的用户登录练习</a></li>
</ul>
</div>
</body>
</html>服务器获取Cookie
客户端有了Cookie的值 -> 通过请求头:Cookie:key=value 把Cookie信息发送给服务器 -> 服务器获取客户端发送过来的Cookie只需要一行代码{request.getCookies():返回Cookie[]数组}
package com.pero.servlet.cookie_session;
import com.pero.servlet.util.CookieUtil;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class CookieServlet extends BaseServlet {
protected void getCookie(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Cookie[] cookies = request.getCookies();
for (Cookie cookie : cookies) {
//getName()获取Cookie的Key值,getValue()方法获取Cookie的value值
response.getWriter().write("Cookie{" + cookie.getName() + ":" + cookie.getValue() + "} <br/>");
}
Cookie iWantCookie = CookieUtil.findCookie("key",cookies);
//如果不等于null意味着找到了Cookie
if (iWantCookie != null){
response.getWriter().write("找到了Cookie");
}
}
...
}package com.pero.servlet.util;
import jakarta.servlet.http.Cookie;
public class CookieUtil {
/**
* 查找指定名称的Cookie对象
* @param name
* @param cookies
* @return
*/
public static Cookie findCookie(String name,Cookie[] cookies){
if (name == null || cookies == null || cookies.length ==0){
return null;
}
for (Cookie cookie : cookies) {
if (name.equals(cookie.getName())){
return cookie;
}
}
return null;
}
}Cookie值的修改
package com.pero.servlet.cookie_session;
import com.pero.servlet.util.CookieUtil;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class CookieServlet extends BaseServlet {
protected void updateCookie(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//方法一:
//创建需要修改的同名Cookie对象
//在构造器中同时赋予新的Cookie值
// Cookie cookie = new Cookie("key","newValue");
//调用response.addCookie(Cookie)
// response.addCookie(cookie);
// response.getWriter().write("key的Cookie的值已经修改");
//方法二
//查找需要修改的Cookie对象
Cookie cookie = CookieUtil.findCookie("key",request.getCookies());
//调用setValue()方法付于心的Cookie值
if (cookie != null){
cookie.setValue("NewCookie");
}
//调用response.addCookie(cookie)通知客户端保存修改
response.addCookie(cookie);
}
...
}Cookie的生命控制
Cookie的生命控制指的是如何管理Cookie什么时候被销毁(删除)。setMaxAge();整数表示在指定秒数后过期,负数表示浏览器一关Cookie就会被删除(程序默认),0表示立刻删除Cookie。
package com.pero.servlet.cookie_session;
import com.pero.servlet.util.CookieUtil;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class CookieServlet extends BaseServlet {
protected void life5Cookie(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Cookie cookie = new Cookie("life5","life5");
cookie.setMaxAge(5); //设置Cookie5秒后删除
response.addCookie(cookie);
response.getWriter().write("创建了5秒钟的Cookie");
}
protected void deleteNowCookie(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//查找需要删除的Cookie
Cookie cookie = CookieUtil.findCookie("key",request.getCookies());
if (cookie != null){
//设置cookie.setMaxAge(0);立刻销毁Cookie
cookie.setMaxAge(0);
//response.addCookie();浏览器保存
response.addCookie(cookie);
response.getWriter().write("key的Cookie已经被删除");
}
}
protected void defaultLifeCookie(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Cookie cookie = new Cookie("defaultLife","defaultLife");
cookie.setMaxAge(-1); //设置存活时间为浏览器退出后Cookie被销毁
response.addCookie(cookie);
}
...
}Cookie有效路径Path的设置
Cookie的path属性可以有效的过滤那些Cookie可以发送给服务器那些不发送,path属性是通过请求的地址来进行过滤。
package com.pero.servlet.cookie_session;
import com.pero.servlet.util.CookieUtil;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class CookieServlet extends BaseServlet {
protected void pathCookie(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Cookie cookie = new Cookie("path","path");
//getContextPath()得到工程路径
cookie.setPath(request.getContextPath() + "/file");
response.addCookie(cookie);
response.getWriter().write("创建了一个带有Path路径的Cookie");
}
...
}Cookie练习免用户名登陆
第一次登录时:客户端(浏览器)第一次访问,服务器返回给客户端登陆页面,填写用户名和密码后提交给服务器,服务器获取用户名和密码,判断用户名和密码是否正确,正确允许登录,错误不允许登录,把用户名保存为Cookie发送给客户端,浏览器有了用户名和Cookie信息;
第二次登陆时:客户端(浏览器)第二次访问服务器会把Cookie信息发给服务器,服务器返回给客户端带用户名的登录界面。
package com.pero.servlet.cookie_session;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class LoginServlet extends HttpServlet {
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
if ("root".equals(username) && "root".equals(password)){
//登陆成功
Cookie cookie = new Cookie("username", username);
cookie.setMaxAge(60*60*24*7); //cookie一周内有效
response.addCookie(cookie);
System.out.println("登陆成功");
}else {
System.out.println("登陆失败");
}
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
}<%--
Created by IntelliJ IDEA.
User: Administrator
Date: 2023/3/16
Time: 18:35
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form action="http://localhost:8080/cookie_session/loginServlet" method="get">
用户名:<input type="text" name="username" value="${cookie.username.value}">
密 码:<input type="password" name="password">
<input type="submit" value="登录">
</form>
</body>
</html>Session
Session是一个接口(HttpSession),Session是会话,用来维护一个客户端和服务器之间关联的一种技术,每个客户端都有自己的一个Session会话,Session会话中经常用来保存用户登录之后的信息。
创建Session和获取
- request.getSession():第一次调用是创建Session会话,之后都是调用,获取前面创建好的Session会话对象;
- isNew():判断是不是新创建出来的Session,true表示新创建,false表示获取之前创建的;
- getId():得到Session会话的id值,每一个会话都有一个id值,这个id值是唯一的。
package com.pero.servlet.cookie_session;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class SessionServlet extends BaseServlet {
protected void createOrGetSession(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//创建和获取Session会话对象
HttpSession session = request.getSession();
//判断当前Session会话是否是新创建出来的
boolean isNew = session.isNew();
//获取Session会话的唯一标识
String id = session.getId();
response.getWriter().write("得到的Session的ID:" + id + " <br/>");
response.getWriter().write("Session是否为新创建的:" + isNew + " <br/>");
}
}<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="pragma" content="no-cache"/>
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="Expires" content="0"/>
<meta http-equiv="content-type" content="text/html;charset=UTF-8">
<title>Session</title>
<base href="http://localhost:8080/cookie_session/" rel="external nofollow" rel="external nofollow" >
<style type="text/css">
ul li {
list-style: none;
}
</style>
</head>
<body>
<iframe name="target" width="500" height="500" style="..."></iframe>
<div style="...">
<ul>
<li><a href="sessionServlet?action=createOrGetSession" rel="external nofollow" target="target">Session的创建和获取</a></li>
<li><a href="" target=" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target">Session域数据的存储</a></li>
<li><a href="" target=" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target">Session域数据的获取</a></li>
<li>Session的存活周期</li>
<li>
<ul>
<li><a href="" target=" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target">Session默认超时配置</a></li>
<li><a href="" target=" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target">Session5秒超时销毁</a></li>
<li><a href="" target=" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target">Session立刻销毁</a></li>
</ul>
</li>
<li><a href="" target=" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target">浏览器和Session绑定的原理</a></li>
</ul>
</div>
</body>
</html>Session域中数据的存取
package com.pero.servlet.cookie_session;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class SessionServlet extends BaseServlet {
protected void getAttributeSession(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
Object attribute = session.getAttribute("key");
response.getWriter().write("从Session中获取key的值为:" + attribute);
}
protected void setAttributeSession(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
session.setAttribute("key","value");
response.getWriter().write("已经向Session中存储值");
}
...
}Session生命周期
Session超时是指客户端两次请求的最大间隔时间。
- public void setMaxInactiveInterval(int interval):设置Session超时时间(以秒为单位),超过指定时长Session会被销毁,值为正数的时候,设定Session的超市时长,值为负数的时候,Session永不超时;
- public void invalidate():让Session会话立刻超时无效;
- public int getMaxInactiveInterval():获取Session的超时时间;
Session的默认超时时长为:Session的默认超时时长为1800秒。
package com.pero.servlet.cookie_session;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class SessionServlet extends BaseServlet {
protected void defaultLife(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
int maxInactiveInterval = session.getMaxInactiveInterval();
response.getWriter().write("Session的默认超时时长为" + maxInactiveInterval + "秒");
}
...
}如果调整web工程的超时时长,可以在web.xml中进行配置。
<!-- 表示当前web工程创建出来的所有Session默认是20分钟超时时长 -->
<session-config>
<session-timeout>10</session-timeout>
</session-config>也可以通过setMaxInactiveInterval(int interval)设置Session超时时间
package com.pero.servlet.cookie_session;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class SessionServlet extends BaseServlet {
protected void life5Session(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
//设置当前Session5秒后超时
session.setMaxInactiveInterval(5);
response.getWriter().write("当前Session已经设置为5秒后超时");
}
...
}设置Session立刻超时
package com.pero.servlet.cookie_session;
import jakarta.servlet.*;
import jakarta.servlet.http.*;
import java.io.IOException;
public class SessionServlet extends BaseServlet {
protected void shutDownSession(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
//设置当前Session立刻超时
session.invalidate();
response.getWriter().write("当前Session立刻超时关闭");
}
...
}浏览器和Session之间关联的技术
Session技术底层是基于Cookie技术实现的。
到此这篇关于JavaWeb中的Cookie和Session解读的文章就介绍到这了,更多相关Cookie和Session解读内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家!
相关文章
这篇文章主要为大家介绍了java面向对象设计原则之迪米特法则的示例分析详解,有需要的朋友可以借鉴参考下,希望能够有所帮助,祝大家多多进步,学有所得2021-10-10
Java中LinkedHashSet、LinkedHashMap源码详解
这篇文章主要介绍了Java中LinkedHashSet、LinkedHashMap源码详解,LinkedHashMap是一个以双向链表的方式将Entry节点链接起来的HashMap子类,它在HashMap的基础上实现了更多的功能,具有顺序存储和遍历的特性,需要的朋友可以参考下2023-09-09
这篇文章主要为大家详细介绍了Eclipse导出安卓apk文件的图文教程,以图文结合的方式为大家分享了Eclipse是如何导出安卓apk文件的步骤,感兴趣的小伙伴们可以参考一下2016-06-06
关于feign对x-www-form-urlencode类型的encode和decode问题
这篇文章主要介绍了关于feign对x-www-form-urlencode类型的encode和decode问题,具有很好的参考价值,希望对大家有所帮助。如有错误或未考虑完全的地方,望不吝赐教2022-03-03
这篇文章主要介绍了使用PHP从千千静听歌词服务器获取lrc歌词的方法,大家参考使用吧2014-01-01
使用spring security的时候,框架会帮我们做账户密码的验证,但是如我们需要添加一个验证码,就需要对配置文件进行修改,这篇文章主要给大家介绍了关于Spring Security添加验证码的两种方式,需要的朋友可以参考下2021-10-10
阿里nacos+springboot+dubbo2.7.3统一处理异常的两种方式
本文主要介绍了阿里nacos+springboot+dubbo2.7.3统一处理异常的两种方式,文中根据实例编码详细介绍的十分详尽,具有一定的参考价值,感兴趣的小伙伴们可以参考一下2022-03-03
这篇文章主要介绍了java中线程池的关闭问题,具有很好的参考价值,希望对大家有所帮助,如有错误或未考虑完全的地方,望不吝赐教2023-08-08
Swagger 是一个规范和完整的框架,用于生成、描述、调用和可视化 RESTful 风格的 Web 服务。总体目标是使客户端和文件系统作为服务器以同样的速度来更新。文件的方法,参数和模型紧密集成到服务器端的代码,允许API来始终保持同步2021-10-10
MyBatis与SpringMVC相结合实现文件上传、下载功能
这篇文章主要介绍了MyBatis与SpringMVC相结合实现文件上传、下载功能的相关资料,非常不错,具有参考借鉴价值,需要的朋友可以参考下2016-06-06
最新评论