session

服务器端创建session，并向浏览器发送相应的JSESSIONID，当浏览器的cookie里含有JSESSIONID时，它发起的请求就会附带这个JSESSIONID，服务器就可以根据这个JSESSIONID来匹配相应的session。关闭浏览器后JSESSIONID即被销毁。

@WebServlet(name = "TestSession")
public class TestSession extends HttpServlet {

    @Override
    protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

        //如果请求中含有JSESSIONID则返回其对应的session对象
        //如果请求中没有JSESSIONID则创建session并将对应的JSESSIONID发送到浏览器的cookie的临时存储空间
        //如果session对象失效了，则重新创建一个session并将对应的JSESSIONID发送到浏览器的cookie的临时存储空间
        HttpSession ss = req.getSession();
        //设置session的有效时间(秒)  默认存储时间是 30 分钟
        ss.setMaxInactiveInterval(8);
        //设置session立即失效
//        ss.invalidate();

        System.out.println(ss.getId());

        resp.getWriter().write("JSESSIONID的值是： " + ss.getId());
    }
}

不同servlet间获取session示例:

1. 获取cookie:

public class TestSession extends HttpServlet {

    @Override
    protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        resp.setContentType("text/html;charset=utf-8");
        req.setCharacterEncoding("utf-8");

        Cookie c1 = new Cookie("name", "Ryan");
        Cookie c2 = new Cookie("country", "中国");
        Cookie c3 = new Cookie("pwd", "613025");

        resp.addCookie(c1);
        resp.addCookie(c2);
        resp.addCookie(c3);

        resp.getWriter().write("cookie已放入浏览器");

        System.out.println("cookie已放入浏览器");

    }
}

浏览器访问此servlet后获取到cookie:

 2. 服务器获取客户端cookie, 创建session并将相应的JSESSIONID写到服务器:

public class SessionWrite extends HttpServlet {

    @Override
    protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        resp.setContentType("text/html;charset=utf-8");
        req.setCharacterEncoding("utf-8");

        HttpSession ss = req.getSession();

        //创建用来存储cookie元数据的对象
        class CookieAtom {
            private String name;
            private String value;

            public Object getCookie(){
                return (name + ": " + value );
            };
            public void setCookie(String name, String value){
                this.name = name;
                this.value = value;
            }
        }

        //获取用户提交的数据
        Cookie[] coo = req.getCookies();
        ArrayList cookieBox = new ArrayList();
        if (coo != null){
            for (Cookie c: coo){
                String name = c.getName();
                String value = c.getValue();

                //将cookie写到session中
                ss.setAttribute(name, value);

                //将元数据封装到对象中
                CookieAtom atom = new CookieAtom();
                atom.setCookie(name, value);
                cookieBox.add(atom);
            }
        }
        for (Object c: cookieBox){
            System.out.println(c);
        };


        resp.getWriter().write("数据已写入session, 访问SessionRead查看");



    }
}

浏览器访问此servlet后获取到JSESSIONID:

 3. 带有JSESSIONID的请求访问其他的servlet, 服务器获取到对应的session: (SessionRead.servlet获取到了SessionWrite.sevlet中创建的session)

public class SessionRead extends HttpServlet {

    @Override
    protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        resp.setContentType("text/html;charset=utf-8");
        req.setCharacterEncoding("utf-8");

        resp.getWriter().write("确认服务器是否获取到session");

        HttpSession ss = req.getSession();

        Object name = ss.getAttribute("name");
        Object country = ss.getAttribute("country");
        Object pwd = ss.getAttribute("pwd");

        System.out.println("name" + name);
        System.out.println("country" + country);
        System.out.println("pwd" + pwd);

    }
}

 浏览器将JSESSIONID附带在请求中发送出去: