For example, in the shopping cart scenario, the server creates a dedicated session for each user in order to identify and track that user. There are many ways for the server to save the session: in memory, in a database, or in files. In a cluster, the transfer of the session between nodes also has to be considered. Large web sites have clusters of dedicated session servers to store user sessions, which are typically kept in memory.


How does the server identify a particular client?

Each time an HTTP request is made, the client sends the corresponding cookie to the server. Most applications use cookies to implement session tracking. When a session is created for the first time, the server tells the client to record a session ID in a cookie. The client then sends this ID back with every request, so the server knows who the client is. If the browser disables cookies, URL rewriting can be used for session tracking instead.


Cookie login scenario: once you have logged in to a website, the second visit logs you in automatically without entering the account and password. This works by writing the information into a cookie; when you visit the website again, the script of the page reads the cookie and automatically fills in the user name for you.

Cookie

The cookie mechanism

Cookie API

Create and send cookies

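import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@WebServlet("/sendCookie")
public class sendCookie extends HttpServlet {

	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// Create the cookie
		Cookie cookie = new Cookie("name", "zqf");
		// Send the cookie to the client in the response
		response.addCookie(cookie);
	}
}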

On the first access, the response header contains the cookie, which is sent to the client.



By default a cookie is session-level: it lives from the time the browser is started until it is closed, and disappears when the browser closes. Sometimes it does not disappear, because the cookie has been set to persist on the client side.

Set the cookie persistence time

// setMaxAge() takes seconds: keep the cookie in the browser for 10 minutes;
// when the time is up, the cookie information is deleted automatically
cookie.setMaxAge(10 * 60);

Set the cookie carrying path

// Access to any resource under the server carries this cookie
cookie.setPath("/");
// The cookie is carried only when you visit the current page
cookie.setPath("/project name/current page");

Delete the cookie.

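import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@WebServlet("/removeCookie")
public class removeCookie extends HttpServlet {
	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// Delete the name=xxx cookie saved on the client:
		// send a cookie with the same name (and the same path as the original)
		Cookie cookie = new Cookie("name", "");
		// Set the time to 0
		cookie.setMaxAge(0);
		response.addCookie(cookie);
	}
}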

To get a cookie

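import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@WebServlet("/getCookie")
public class getCookie extends HttpServlet {
	// Get the cookie value
	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		Cookie[] cookies = request.getCookies();
		// getCookies() returns null when the request carries no cookies
		if (cookies != null) {
			for (Cookie cookie : cookies) {
				String cookieName = cookie.getName();
				if (cookieName.equals("name")) {
					String cookieValue = cookie.getValue();
					System.out.println(cookieValue);
				}
			}
		}
	}
}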
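The create, persist, path, delete and read steps above combined for the "fill in the user name" scenario, as an added example that is not code from the original page. It assumes the javax.servlet API (Servlet 3.0 or later); the /rememberName path, the "name" and "forget" parameters, the cookie name and the user-name pattern are hypothetical.

```java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example (not the page's code); path, parameter and cookie names are hypothetical.
@WebServlet("/rememberName")
public class RememberNameServlet extends HttpServlet {
	private static final String COOKIE_NAME = "rememberedName";
	private static final String SAFE_NAME = "[A-Za-z0-9_.-]{1,32}"; // assumed user-name format
	// Name and path must be the same when setting and when deleting the cookie
	private Cookie build(HttpServletRequest request, String value, int maxAgeSeconds) {
		Cookie cookie = new Cookie(COOKIE_NAME, value);
		cookie.setPath(request.getContextPath() + "/"); // carried only to this application
		cookie.setMaxAge(maxAgeSeconds); // seconds; 0 deletes the cookie
		cookie.setHttpOnly(true); // page scripts cannot read it
		cookie.setSecure(true); // sent over HTTPS only
		return cookie;
	}

	@Override
	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		String name = request.getParameter("name");
		if (request.getParameter("forget") == null && name != null && name.matches(SAFE_NAME)) {
			// Store the user name only, never the password
			response.addCookie(build(request, name, 10 * 60));
		} else {
			response.addCookie(build(request, "", 0));
		}
	}

	@Override
	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		String remembered = "";
		Cookie[] cookies = request.getCookies(); // null when the request has no cookies
		for (Cookie cookie : cookies == null ? new Cookie[0] : cookies) {
			// The value comes from the client, so validate it again before use
			if (COOKIE_NAME.equals(cookie.getName()) && cookie.getValue().matches(SAFE_NAME)) {
				remembered = cookie.getValue();
			}
		}
		response.setContentType("text/plain;charset=UTF-8");
		response.getWriter().print(remembered);
	}
}
```

With HttpOnly set, the server-side page has to fill in the user name from the doGet result; a page script cannot read this cookie.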

Session

Session technology is built on cookies: the cookie stores the session ID, named JSESSIONID.

The session mechanism

Session is a server-side mechanism that stores user data in a structure similar to a hash table. When the browser sends its first request to the server, the server automatically generates a session and a session ID; the session ID uniquely identifies the session. The server sends the session ID to the browser in its response, and the browser carries the session ID when it sends a second request to the server. The server uses this ID to find the corresponding session and retrieve the user data.

If cookies are disabled, sessions stop working as well; URL rewriting can be used to do without cookies.

Cookies identify users by recording information on the client; sessions identify users by recording information on the server. Session data is stored on the server, and cookie data is stored in the client's browser.

The lifetime of the session

The life cycle

Create: the session is created the first time request.getSession() is executed
Destroy:
	the server is shut down (abnormally)
	the session expires automatically; the timeout is configured in web.xml under Tomcat
	manual destruction: session.invalidate();
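The session mechanism and life cycle described above, seen from a login and logout handler, as an added example that is not code from the original page. It assumes the javax.servlet API (Servlet 3.1 or later, for changeSessionId()); the /login and /logout paths, the "user" attribute and the demo account are constructed for illustration.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

// Added example (Servlet 3.1+): session life cycle around login and logout.
// The paths, the "user" attribute and the demo account are constructed for illustration.
@WebServlet(urlPatterns = {"/login", "/logout"})
public class SessionLifecycleServlet extends HttpServlet {

	@Override
	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		if ("/logout".equals(request.getServletPath())) {
			HttpSession existing = request.getSession(false); // false: never create one here
			if (existing != null) {
				existing.invalidate(); // manual destruction
			}
			response.sendRedirect(request.getContextPath() + "/");
			return;
		}
		String name = request.getParameter("name");
		if (!checkCredentials(name, request.getParameter("password"))) {
			response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
			return;
		}
		// The first getSession() call creates the session and its JSESSIONID cookie
		HttpSession session = request.getSession();
		// New ID at login: an ID handed out before authentication stops being valid
		request.changeSessionId();
		session.setMaxInactiveInterval(30 * 60); // in seconds: expires after 30 idle minutes
		session.setAttribute("user", name); // state stays on the server, the client holds only the ID
		response.sendRedirect(request.getContextPath() + "/");
	}

	// Constructed demo account; a real application verifies against stored password hashes
	private boolean checkCredentials(String name, String password) {
		return "demo".equals(name) && password != null && MessageDigest.isEqual(
				password.getBytes(StandardCharsets.UTF_8),
				"demo-password".getBytes(StandardCharsets.UTF_8));
	}
}
```

Changing the ID at login matters most when URL rewriting is in use, because a session ID carried in a URL can end up in browser history, logs and Referer headers.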

Is the session destroyed when the server is shut down?

No. It depends on whether the session has expired.

Differences between session and cookie

The session is stored on the server; the cookie is stored on the client. The cookie is stored as a string. A session cannot be scoped by path: during the same user's visit to a website, the session can be accessed from anywhere. A cookie can be given a path, in which case it cannot be accessed in some places. The session needs cookies to work properly: if you disable cookies, the session is invalid. When sending a request, the client automatically packs the cookies that are still alive locally into the message sent to the server.

Application scenarios of Session and cookie

Session is a context mechanism: for each user, the session ID is used to distinguish between different clients. Session is based on cookies or URL rewriting, with cookies as the default implementation; the system creates an output cookie named JSESSIONID. Important state goes in the session, unimportant state goes in a cookie: login information uses the session, the shopping cart uses a cookie.