- _nosay
Session的会话流程
2017-11-20 17:28:21
Session技术是将数据存储在服务端的技术,会为每个客户端都创建一块内存空间存储客户的数据,便客户端需要每次都携带一个标识ID去服务器中寻找属于自己的内存空间.所以说Session的实现是基于Cookie,Session需要借助于Cookie存储客户的唯一性标识 JSESSIONID
注意点:在Session中我们需要学习如下三个问题
1.怎样获得属于本客户端的session对象(内存区域)?
2.怎样向session中存取数据 (session也是一个域的对象)?
3.session对象的生命周期
获得Session 对象
HttpSession session = request.getSession();
此方法会获得专属于当前会话的Session对象,如果服务器端没有该会话的Session对象会创建一个新的Session返回,如果已经有了属于该会话的Session直接将已有的Session返回(实质就是根据JSESSIONID)判断该客户端是否在服务器上已经存在了session了.
测试:
新建SessionServlet文件,内容为
package net.zixue.session; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; @WebServlet(name = "SessionServlet",urlPatterns = "/session") public class SessionServlet extends HttpServlet { protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(); String sessionId = session.getId(); response.getWriter().write("JESSIONID="+sessionId); } }
访问SessionServlet,我们看到响应头在已经有了Set-Cookie了,如图所示
Session存取数据&生命周期
1.怎样向session中存取数据(session也是一个域对象),Session也是存储数据的区域对象,所以session对象也具有如下三个方法:
session.setAttribute(String name , Object obj);
session.getAttribute(String name);
session.removeAttribute(String name);
2.Session对象的生命周期
创建:第一次执行request.getSession()时创建.
销毁:
1.服务器(非正常)关闭时
2.session过期/失效 (默认30分钟)
问题:时间的起算点从何时开始计算这30分钟?
答:从不操作服务端资源开时计时.
可以通过修改根目录下的web.xml来设置此默认时间,如
<session-config>
<session-timeout>10</session-timeout>
</session-config>
这样session的失效时间就是10分钟了
创建SaveSessionServlet文件,内容如下:
package net.zixue.session; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; @WebServlet(name = "SaveSessionServlet",urlPatterns = "/save") public class SaveSessionServlet extends HttpServlet { protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(); session.setAttribute("goods","cup"); } }
创建GetSessionServlet内容如下:
package net.zixue.session; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; @WebServlet(name = "GetSessionServlet",urlPatterns = "/getSession") public class GetSessionServlet extends HttpServlet { protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(); String goods =(String) session.getAttribute("goods"); response.getWriter().write(goods); } }
然后访问SaveSessionServlet再访问GetSessionServlet,成功得到相应的session内容.