标签:Session request 技术 response 会话 session import servlet javax
Session
概念:服务端会话技术,在一次的多次请求间共享数据,将数据保存在服务器对象中,HTTPSession对象。
快速入门:
获取session对象:public HttpSession getSession()
使用指定名称将对象绑定到此会话 :public void setAttribute(String name, Object value)
指定name获取绑定的数据:public Object getAttribute(String name)
根据name移除对应的数据 : public void
removeValue(String name)
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//获得Session对象
HttpSession session = request.getSession();
//绑定数据
session.setAttribute("name","张三");
System.out.println("Demo1的"+ session.getId());
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//获取session
HttpSession session = request.getSession();
//获取绑定的数据
String name =(String) session.getAttribute("name");
System.out.println(name);
//获取这个Session的id看看与Demo1的是否一样
System.out.println("Demo2的"+session.getId());
/*Demo1的D1A65FFFDC8091F77F25A7B342C95728
张三
Demo2的D1A65FFFDC8091F77F25A7B342C95728*/
}
Session原理
主要明白服务器如何确保在移除会话范围内,多次获取的Session对象是同一个呢???
Session的实现是依赖于Cookie的。
Session细节问题:
当客户端关闭后,服务器不关闭,两次获取session是否为同一个??
默认情况不是同一个,因为浏览器关闭了,那么相当于会话结束了。
但是我们可以通过理解session的原理,令其依赖于cookie保存在本地浏览器,进而保证session一样。
package com.session;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.*;
import java.io.IOException;
/**
* @author 承夕
* @date 2020/2/21 0021 - 9:27
* @contact:https://github.com/chengxi0
*/
@WebServlet("/sessionDemo3")
public class SessionDemo3 extends HttpServlet {
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
//创建一个cookie,设置其键为JSESSION ,值为当前的session对象的id
Cookie cookie = new Cookie("JSESSIONID", session.getId());
cookie.setMaxAge(60*60);
//记得response添加cookie到响应头
response.addCookie(cookie);
System.out.println(session);
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request, response);
}
}
创建一个cookie,设置其键为JSESSION ,值为当前的session对象的id,当浏览器关闭后再打开请求式,这时请求头有一个cookie其键值分别式
JSESSIONID和服务器还没清理的域对象session对象及其ID标识,因此,在servlet内部,获取session对象的时候,就先找这个响应头带来的cookie的键值,然后发现内存中还有session对象,因此可以这样使其关闭后也可以同一个session。
客户端不关,服务器关闭之后,两次获取的session对象是同一个么??
不是同一个,但是需要确保数据不丢失
session的钝化:在服务器正常关闭之前,将session对象序列化到本地(Tomcat的work目录下)
session的活化:在服务器启动之后,将session文件转化成内存的session对象,尽管内存地址不一样了,但是内存的数据还是一样的.
session的失效时间??
- 服务器关闭
- 自身调用
public void
invalidate()销毁
默认是30分钟销毁.可以在web.xml上的<session-config>标签配置
session的特点
- session用于一次会话多次请求的数据,存在服务器端
- session可以存储任意的数据类型,任意大小的数据
session于cookie的区别:
- cookie是把数据存储在浏览器,而session是存储在服务器
- session对存储的数据大小没有限制,但是cookie是有限制的
- session数据比较安全,而cookie相对来说不太安全
案例:访问带有验证码的login.jsp页面,用户输入用户名和密码以及验证码.
- 如果用户输入的用户名和密码错误,则跳转登陆页面,提示用户名和密码错误
- 如果输入的验证码错误,那么跳转登陆页面,提示验证码错误
- 如果全部输入正确,那么跳转到主页success.jsp 显示用户名 欢迎您
login.jsp
<%@ page import="java.awt.image.BufferedImage" %>
<%@ page import="java.awt.*" %>
<%@ page import="javax.imageio.ImageIO" %><%--
Created by IntelliJ IDEA.
User: 承夕
Date: 2020/2/21 0021
Time: 13:47
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>登录页面</title>
</head>
<style>
.div1{
color: red;
}
</style>
<script>
window.onload = function () {
var e1 = document.getElementById("img1");
e1.onclick = function () {
var date = new Date();
//利用time的毫秒值清楚浏览器的缓存问题
e1.setAttribute("src", "/Tomcat_war_exploded/jspdemo1?time=" + date.getTime());
}
}
</script>
<body>
<form method="post" action="/Tomcat_war_exploded/jspdemo2">
<LABEL FOR="username1">用户名</LABEL>
<input type="text" placeholder="请输入用户名" id="username1" name="username1">
<br>
<LABEL FOR="passsword1">密码</LABEL>
<input type="password" placeholder="请输入密码" id="passsword1" name="password1">
<div ><LABEL FOR="checkcode1">验证码</LABEL>
<input type="text" placeholder="请输入验证码" id="checkcode1" name="checkcode1" ></div>
<div id="span1">
<img src="/Tomcat_war_exploded/jspdemo1" alt="图片不存在" id="img1">
<a href="JavaScript:void(0);">看不清楚点击图片切换</a>
</div>
<input type="submit" value="login" id="submit1">
</form>
<div class="div1">
<%
out.write(request.getAttribute("cd_error") == null ? "" : (String)request.getAttribute("cd_error") );
%>
</div>
<div class="div1">
<%
out.write(request.getAttribute("up_error") == null ? "" : (String)request.getAttribute("up_error") );
%>
</div>
</body>
</html>
success.jsp
<%--
Created by IntelliJ IDEA.
User: 承夕
Date: 2020/2/21 0021
Time: 22:29
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>登录成功</title>
</head>
<body>
<h1><% out.write(request.getParameter("username1")); %>,欢迎登录</h1>
</body>
</html>
package com.jsp;
import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.util.Random;
/**
* @author 承夕
* @date 2020/2/21 0021 - 18:50
* @contact:https://github.com/chengxi0
*/
@WebServlet("/jspdemo1")
public class JSPDemo1 extends HttpServlet {
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//在这里动态的生成验证码
//创建图像对象BufferedImage
int width = 100 ; int height = 50 ;
BufferedImage bufferedImage = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
//利用图像生成画笔
Graphics graphics = bufferedImage.getGraphics();
//画一个填充矩形
graphics.setColor(Color.pink);
graphics.fillRect(0,0,width,height);
graphics.setColor(Color.RED);
String s1 = "ABCDEFGHIJKLMNOPQRSTUVWXYZqwertyuiopadsfghjklzxcvbnm1234567890";
//创建字符数组,保存在session
char[] chars = new char[4];
HttpSession session = request.getSession();
//进行美化图片
Random random1 = new Random();
Random random2 = new Random();
for (int i = 0; i <= 3; i++) {
int n = random1.nextInt(s1.length());
graphics.drawString(s1.charAt(n) + "", 20 * (i+ 1), 25);
chars[i] = s1.charAt(n);
}
graphics.setColor(Color.blue);
for (int i = 0; i < 10; i++) {
int x1 = random2.nextInt(width);
int y1 = random2.nextInt(height);
int x2 = random2.nextInt(width);
int y2 = random2.nextInt(height);
graphics.drawLine(x1, y1, x2, y2);
}
//保存在session中
session.setAttribute("checkcode", chars);
//输出图片
ImageIO.write(bufferedImage, "jpg", response.getOutputStream());
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request,response);
}
}
package com.jsp;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author 承夕
* @date 2020/2/21 0021 - 22:11
* @contact:https://github.com/chengxi0
*/
@WebServlet("/jspdemo2")
public class JSPDemo2 extends HttpServlet {
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=utf-8");
//设用户名为zhangsan 密码为123456
//获取用户名和密码
String username = request.getParameter("username1");
String password = request.getParameter("password1");
String checkcode = request.getParameter("checkcode1");
HttpSession session = request.getSession();
char[] checkcodes = (char[])session.getAttribute("checkcode");
//获取完验证码后,需要把验证码删除,不然返回上一个网页依然可以登录
request.getSession().removeAttribute("checkcode");
boolean flag = true ;
if (checkcodes != null) {
//再去判断验证码是否正确
for (int i = 0 ;i < 4 ;i ++) {
String s1 = (checkcode.charAt(i) + "").toLowerCase() ;
String s2 = (checkcodes[i] + "").toLowerCase() ;
if (!s1.equals(s2)) {
//说明验证码不正确
flag = false ;
}
}
}
else {
flag = false ;
}
//判断用户名和密码是否都正确
if ( username.equals("zhangsan") && password.equals("123456")) {
if (flag) {
//登录成功,显示页面
//response.sendRedirect("/Tomcat_war_exploded/jsp/success.jsp");
request.getRequestDispatcher("/jsp/success.jsp").forward(request, response);
}else{
//提示登录失败
request.setAttribute("cd_error","验证码错误");
request.getRequestDispatcher("/jsp/login.jsp").forward(request, response);
}
}else{
//提示登录失败
request.setAttribute("up_error","用户名或者密码错误");
request.getRequestDispatcher("/jsp/login.jsp").forward(request, response);
}
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request,response);
}
}
承夕 发布了21 篇原创文章 · 获赞 4 · 访问量 351 私信 关注
标签:Session,request,技术,response,会话,session,import,servlet,javax 来源: https://blog.csdn.net/weixin_45062761/article/details/104422497
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。