服务器端创建session,并向浏览器发送相应的JSESSIONID,当浏览器的cookie里含有JSESSIONID时,它发起的请求就会附带这个JSESSIONID,服务器就可以根据这个JSESSIONID来匹配相应的session。关闭浏览器后JSESSIONID即被销毁。
@WebServlet(name = "TestSession") public class TestSession extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { //如果请求中含有JSESSIONID则返回其对应的session对象 //如果请求中没有JSESSIONID则创建session并将对应的JSESSIONID发送到浏览器的cookie的临时存储空间 //如果session对象失效了,则重新创建一个session并将对应的JSESSIONID发送到浏览器的cookie的临时存储空间 HttpSession ss = req.getSession(); //设置session的有效时间(秒) 默认存储时间是 30 分钟 ss.setMaxInactiveInterval(8); //设置session立即失效 // ss.invalidate(); System.out.println(ss.getId()); resp.getWriter().write("JSESSIONID的值是: " + ss.getId()); } }
不同servlet间获取session示例:
1. 获取cookie:
public class TestSession extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { resp.setContentType("text/html;charset=utf-8"); req.setCharacterEncoding("utf-8"); Cookie c1 = new Cookie("name", "Ryan"); Cookie c2 = new Cookie("country", "中国"); Cookie c3 = new Cookie("pwd", "613025"); resp.addCookie(c1); resp.addCookie(c2); resp.addCookie(c3); resp.getWriter().write("cookie已放入浏览器"); System.out.println("cookie已放入浏览器"); } }
浏览器访问此servlet后获取到cookie:
2. 服务器获取客户端cookie, 创建session并将相应的JSESSIONID写到服务器:
public class SessionWrite extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { resp.setContentType("text/html;charset=utf-8"); req.setCharacterEncoding("utf-8"); HttpSession ss = req.getSession(); //创建用来存储cookie元数据的对象 class CookieAtom { private String name; private String value; public Object getCookie(){ return (name + ": " + value ); }; public void setCookie(String name, String value){ this.name = name; this.value = value; } } //获取用户提交的数据 Cookie[] coo = req.getCookies(); ArrayList cookieBox = new ArrayList(); if (coo != null){ for (Cookie c: coo){ String name = c.getName(); String value = c.getValue(); //将cookie写到session中 ss.setAttribute(name, value); //将元数据封装到对象中 CookieAtom atom = new CookieAtom(); atom.setCookie(name, value); cookieBox.add(atom); } } for (Object c: cookieBox){ System.out.println(c); }; resp.getWriter().write("数据已写入session, 访问SessionRead查看"); } }
浏览器访问此servlet后获取到JSESSIONID:
3. 带有JSESSIONID的请求访问其他的servlet, 服务器获取到对应的session: (SessionRead.servlet获取到了SessionWrite.sevlet中创建的session)
public class SessionRead extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { resp.setContentType("text/html;charset=utf-8"); req.setCharacterEncoding("utf-8"); resp.getWriter().write("确认服务器是否获取到session"); HttpSession ss = req.getSession(); Object name = ss.getAttribute("name"); Object country = ss.getAttribute("country"); Object pwd = ss.getAttribute("pwd"); System.out.println("name" + name); System.out.println("country" + country); System.out.println("pwd" + pwd); } }
浏览器将JSESSIONID附带在请求中发送出去: