java_web:cookie&session
程序员文章站
2024-02-28 11:37:16
...
一次会话中包含多次请求和响应。浏览器第一次给服务器资源发送请求,会话建立,直到一方断开为止。
功能:在一次会话的范围内的多次请求间能够共享数据
方式: cookie、session
cookie:客户端会话技术,将数据保留在客户端
步骤:
- 创建cookie对象,绑定数据(new Cookie(String name,String value))
- 发送cookie(response.addCookie(Cookie cookie))
- 获取cookie,拿到数据(Cookies[] request.getCookies())
@WebServlet("demo0831003")
public class CookiesDemo01 extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("name", "zhangsan");
resp.addCookie(cookie);
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
this.doPost(req, resp);
}
}
@WebServlet("demo0831004")
public class CookiesDemo02 extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie[] cookies = req.getCookies();
for(Cookie c :cookies){
System.Out.Println(c.getName()+"===="+c.getValue());
}
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
this.doPost(req, resp);
}
}
1.可以创建多个cookie对象,使用response调用addCookies方法进行发送cookie
2.默认情况下,当浏览器关闭,cookie数据被销毁,可以利用serMaxAge(int seconds)方法进行持久化存储,seconds为正数时,将cookie持久化到硬盘中,seconds后自动删除cookie,负数为默认情况,0时即删除cookie
3.Tomcat8之前 不能直接存储中文,需要将中文数据进行转码;8之后能够直接存储中文。
特点:
- 存储在客户端,安全性能较低
- 对单个cookie大小有限制,同一个域名下的cookie数量有限制
demo:
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.Date;
@WebServlet("cookiesDemo")
public class CookiesDemo extends HttpServlet {
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
resp.setContentType("text/html;charset=utf-8");
Cookie[] cookies = req.getCookies();
boolean flag = false;
if(cookies!=null && cookies.length>0){
for (Cookie c: cookies) {
String name = c.getName();
if ("lateTime".equals(name)){
flag=true;
Date date = new Date();
SimpleDateFormat sdf = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
String str_date = sdf.format(date);
c.setValue(str_date);
c.setMaxAge(60*60*24*90);
resp.addCookie(c);
String value = c.getValue();
resp.getWriter().write("welcome back, 您上次登陆时间是: "+value);
}
}
}
if(cookies==null || cookies.length==0|| flag==false){
Date date = new Date();
SimpleDateFormat sdf = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
String str_date = sdf.format(date);
Cookie c = new Cookie("lastTime",str_date);
c.setValue(str_date);
c.setMaxAge(60*60*24*90);
resp.addCookie(c);
resp.getWriter().write("welcome ");
}
}
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
this.doPost(req,resp);
}
}
session:
服务端会话技术,在一次会话的多次请求间共享数据,将数据保存在服务器端。
1.当服务器不关闭,客户端关闭,两次获取的session默认情况下不是同一个
2.当服务器关闭,客户端不关闭,两次获取的session不是同一个
3.服务器关闭,session销毁;session默认失效时间30分钟;
特点:
- 可以存储任意类型,任意大小的数据
- 存储数据相对于安全
demo