Cookie和Session
http协议是一个无状态的协议,你每一个跳转到下一个页面的时候都是需要先登录才能使用,这样就很麻烦比如淘宝,没有cookie和session的话,用户在首页已经登录上去了,但是需要再次登录才能选择商品,需要再次登录才能放到购物车,需要再次登录才能然后购买,这样用户的体验是相当差的。
一、cookie
-
是什么
-
浏览器保存的内容,通常cookie是在浏览器中保存的,每一次访问服务器的时候,浏览器会自动的把cookie带到下一个页面的
-
如果想要使用cookie要保证我们的浏览器是开启cookie,所以说有一定的弊端,如果浏览器没有开启cookie,就不能再使用cookie了
-
cookie的大小是有限制的,通常是4096byte
-
cookie的保存是以键值对的形式存在的
-
常用方法
//1.cookie的构造方法,目的是实例化出来cookie对象
Cookie(String name,String value)
//2.设置cookie的方法
setValue(String value) //修改cookie的值
setMaxAge(int time) //设置cookie的有效时间
setPath(String path) //设置当前cookie的有效路径
//3.要将cookie发送到浏览器
response.addCookie(Cookie cookie);1.servlet实例一
package com.by.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class setCookieServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
/**
* 1.创建cookie对象
* 将键:msg 值:sb ,存到cookie对象中
*/
Cookie cookie = new Cookie("msg", "sb");
/**
* 2.设置有效时间
* 正数:表示当前cookie的有效时间
* 负数:表示当前浏览器打开的时候存在,关闭的时候没了
* 0:销毁当前的cookie
*/
cookie.setMaxAge(60*60*24*7);
//3.把cookie发送到浏览器
resp.addCookie(cookie);
}
}
- web.xml
setCookie
com.by.servlet.setCookieServlet
setCookie
/setCookie
- 结果
2.servlet实例二
package com.by.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class getCookieServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取浏览器中cookie,返回值是一个数组
Cookie[] cookies = req.getCookies();
for (Cookie cookie :cookies) {
String name = cookie.getName();//获取键
String value = cookie.getValue();//获取值
System.out.println(name+"======"+value);
}
}
}
- web.xml
getCookie
com.by.servlet.getCookieServlet
getCookie
/getCookie
- 结果
3.servlet实例三
package com.by.servlet;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class DestroyCookieServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//退出登录
Cookie[] cookies = req.getCookies();
for (Cookie cookie :cookies) {
if (cookie.getName().equals("msg")){
cookie.setMaxAge(0);//销毁cookie
resp.addCookie(cookie);//重新发送给浏览器
}
}
}
}
- web.xml
destroyCookie
com.by.servlet.DestroyCookieServlet
destroyCookie
/destroyCookie
- 结果
二、session
-
为什么使用session?
-
cookie保存数据类型是单一的,只能保存字符串类型的数据
-
cookie的大小由限制
-
是什么?
-
保存服务器中,每一个session在我们当前的服务器会有一个标识号
-
使用session的时候一般要开启cookie如果浏览器没有开启cookie功能,我们可以通过html的url传参完后session的使用
-
没有大小的限制
-
信息的保存也是以键值对的形式存在的
session原理图:
1.实例一 (setSessionservlet)
package com.by.servlet;
import com.by.pojo.User;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import java.io.IOException;
import java.util.Date;
public class SetSessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//1.获取session对象
HttpSession httpSession = req.getSession();
System.out.println(httpSession);
//获取的是JSESSIONID 服务器唯一的标识
String id = httpSession.getId();
System.out.println("SessionId:"+id);
//给session设置一个时间,有效果的,里面放的是秒
httpSession.setMaxInactiveInterval(60*6);
User user = new User();
user.setUsername("小灰灰");
user.setSex("男");
user.setBirthday(new Date());
user.setAddress("狼堡");
httpSession.setAttribute("user",user);
}
}
- web.xml
setSession
com.by.servlet.SetSessionServlet
setSession
/setSession
- 结果
2.实例二(getSessionServlet)
package com.by.servlet;
import com.by.pojo.User;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.Date;
public class GetSessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//1.获取session对象
HttpSession httpSession = req.getSession();
//2.获取session,通过键取值
User user = (User) httpSession.getAttribute("user");
System.out.println(user);
}
}
- web.xml
getSession
com.by.servlet.GetSessionServlet
getSession
/getSession
- 结果
3.实例三(DestroySessionServlet)
package com.by.servlet;
import com.by.pojo.User;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.Date;
public class DestroySessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//1.获取session对象
HttpSession httpSession = req.getSession();
//销毁session
httpSession.invalidate();
}
}
- web.xml
destroySession
com.by.servlet.DestroySessionServlet
destroySession
/destroySession
- 结果(销毁之后,查看不到数据)
三、总结
cookie和session
1、cookie
1)是什么
保存在浏览器的一块存储区域
2)特点
②键值对
③可以禁用cookie
④最多存4096byte
⑤可设置过期时间
2、session
1)是什么
是一个域对象,保存在服务器
2)特点
①键值对
②可设置过期时间
③失效:过期或关闭浏览器