JavaWeb學(xué)習(xí)總結(jié)(十二)-Session

JavaWeb學(xué)習(xí)總結(jié)(十二)——Session一、Session簡(jiǎn)單介紹在WEB開發(fā)中，服務(wù)器可以為每個(gè)用戶瀏覽器創(chuàng)建一個(gè)會(huì)話對(duì)象（session對(duì)象），注意：一個(gè)瀏覽器獨(dú)占一個(gè)session對(duì)象(默認(rèn)情況下)。因此，在需要保存用戶數(shù)據(jù)時(shí)，服務(wù)器程序可以把用戶數(shù)據(jù)寫到用戶瀏覽器獨(dú)占的session中，當(dāng)用戶使用瀏覽器訪問其它程序時(shí)，其它程序可以從用戶的session中取出該用戶的數(shù)據(jù)，為用戶服務(wù)。二、Session和Cookie的主要區(qū)別Cookie是把用戶的數(shù)據(jù)寫給用戶的瀏覽器。Session技術(shù)把用戶的數(shù)據(jù)寫到用戶獨(dú)占的session中。Session對(duì)象由服務(wù)器創(chuàng)建，開發(fā)人員可以調(diào)用request對(duì)象的getSession方法得到session對(duì)象。三、session實(shí)現(xiàn)原理3.1、服務(wù)器是如何實(shí)現(xiàn)一個(gè)session為一個(gè)用戶瀏覽器服務(wù)的？

服務(wù)器創(chuàng)建session出來(lái)后，會(huì)把session的id號(hào)，以cookie的形式回寫給客戶機(jī)，這樣，只要客戶機(jī)的瀏覽器不關(guān)，再去訪問服務(wù)器時(shí)，都會(huì)帶著session的id號(hào)去，服務(wù)器發(fā)現(xiàn)客戶機(jī)瀏覽器帶sessionid過(guò)來(lái)了，就會(huì)使用內(nèi)存中與之對(duì)應(yīng)的session為之服務(wù)?？梢杂萌缦碌拇a證明：1packagexdp.gacl.session;23importjava.io.IOException;4importjavax.servlet.ServletException;5importjavax.servlet.http.HttpServlet;6importjavax.servlet.http.HttpServletRequest;7importjavax.servlet.http.HttpServletResponse;8importjavax.servlet.http.HttpSession;910publicclassSessionDemo1extendsHttpServlet{1112publicvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)13throwsServletException,IOException{1415response.setCharacterEncoding("UTF=8");16response.setContentType("text/html;charset=UTF-8");17//使用request對(duì)象的getSession()獲取session，如果session不存在則創(chuàng)建一個(gè)18HttpSessionsession=request.getSession();19//將數(shù)據(jù)存儲(chǔ)到session中20session.setAttribute("data","孤傲蒼狼");21//獲取session的Id22StringsessionId=session.getId();23//判斷session是不是新創(chuàng)建的24if(session.isNew()){25response.getWriter().print("session創(chuàng)建成功，session的id是："+sessionId);26}else{27response.getWriter().print("服務(wù)器已經(jīng)存在該session了，session的id是："+sessionId);28}29}3031publicvoiddoPost(HttpServletRequestrequest,HttpServletResponseresponse)32throwsServletException,IOException{33doGet(request,response);34}35}第一次訪問時(shí)，服務(wù)器會(huì)創(chuàng)建一個(gè)新的sesion，并且把session的Id以cookie的形式發(fā)送給客戶端瀏覽器，如下圖所示：點(diǎn)擊刷新按鈕，再次請(qǐng)求服務(wù)器，此時(shí)就可以看到瀏覽器再請(qǐng)求服務(wù)器時(shí)，會(huì)把存儲(chǔ)到cookie中的session的Id一起傳遞到服務(wù)器端了，如下圖所示：我猜想request.getSession()方法內(nèi)部新創(chuàng)建了Session之后一定是做了如下的處理1//獲取session的Id2StringsessionId=session.getId();3//將session的Id存儲(chǔ)到名字為JSESSIONID的cookie中4Cookiecookie=newCookie("JSESSIONID",sessionId);5//設(shè)置cookie的有效路徑6cookie.setPath(request.getContextPath());7response.addCookie(cookie);四、瀏覽器禁用Cookie后的session處理4.1、IE8禁用cookie工具->internet選項(xiàng)->隱私->設(shè)置->將滑軸拉到最頂上（阻止所有cookies）4.2、解決方案：URL重寫response.encodeRedirectURL(java.lang.String

url)用于對(duì)sendRedirect方法后的url地址進(jìn)行重寫。

response.encodeURL(java.lang.String

url)用于對(duì)表單action和超鏈接的url地址進(jìn)行重寫4.3、范例：禁用Cookie后servlet共享Session中的數(shù)據(jù)IndexServlet1packagexdp.gacl.session;23importjava.io.IOException;4importjava.io.PrintWriter;5importjava.util.LinkedHashMap;6importjava.util.Map;7importjava.util.Set;8importjavax.servlet.ServletException;9importjavax.servlet.http.HttpServlet;10importjavax.servlet.http.HttpServletRequest;11importjavax.servlet.http.HttpServletResponse;1213//首頁(yè)：列出所有書14publicclassIndexServletextendsHttpServlet{1516publicvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)17throwsServletException,IOException{1819response.setContentType("text/html;charset=UTF-8");20PrintWriterout=response.getWriter();21//創(chuàng)建Session22request.getSession();23out.write("本網(wǎng)站有如下書：<br/>");24Set<Map.Entry<String,Book>>set=DB.getAll().entrySet();25for(Map.Entry<String,Book>me:set){26Bookbook=me.getValue();27Stringurl=request.getContextPath()+"/servlet/BuyServlet?id="+book.getId();28//response.encodeURL(java.lang.String

url)用于對(duì)表單action和超鏈接的url地址進(jìn)行重寫29url=response.encodeURL(url);//將超鏈接的url地址進(jìn)行重寫30out.println(book.getName()+"<ahref='"+url+"'>購(gòu)買</a><br/>");31}32}3334publicvoiddoPost(HttpServletRequestrequest,HttpServletResponseresponse)35throwsServletException,IOException{36doGet(request,response);37}38}394041/**42*@authorgacl43*模擬數(shù)據(jù)庫(kù)44*/45classDB{46privatestaticMap<String,Book>map=newLinkedHashMap<String,Book>();47static{48map.put("1",newBook("1","javaweb開發(fā)"));49map.put("2",newBook("2","spring開發(fā)"));50map.put("3",newBook("3","hibernate開發(fā)"));51map.put("4",newBook("4","struts開發(fā)"));52map.put("5",newBook("5","ajax開發(fā)"));53}5455publicstaticMap<String,Book>getAll(){56returnmap;57}58}5960classBook{6162privateStringid;63privateStringname;6465publicBook(){66super();67}68publicBook(Stringid,Stringname){69super();70this.id=id;71=name;72}73publicStringgetId(){74returnid;75}76publicvoidsetId(Stringid){77this.id=id;78}79publicStringgetName(){80returnname;81}82publicvoidsetName(Stringname){83=name;84}85}BuyServlet1packagexdp.gacl.session;23importjava.io.IOException;4importjava.util.ArrayList;5importjava.util.List;6importjavax.servlet.ServletException;7importjavax.servlet.http.HttpServlet;8importjavax.servlet.http.HttpServletRequest;9importjavax.servlet.http.HttpServletResponse;10importjavax.servlet.http.HttpSession;1112publicclassBuyServletextendsHttpServlet{1314publicvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)15throwsServletException,IOException{16Stringid=request.getParameter("id");17Bookbook=DB.getAll().get(id);//得到用戶想買的書18HttpSessionsession=request.getSession();19List<Book>list=(List)session.getAttribute("list");//得到用戶用于保存所有書的容器20if(list==null){21list=newArrayList<Book>();22session.setAttribute("list",list);23}24list.add(book);25//response.encodeRedirectURL(java.lang.String

url)用于對(duì)sendRedirect方法后的url地址進(jìn)行重寫26Stringurl=response.encodeRedirectURL(request.getContextPath()+"/servlet/ListCartServlet");27System.out.println(url);28response.sendRedirect(url);29}3031publicvoiddoPost(HttpServletRequestrequest,HttpServletResponseresponse)32throwsServletException,IOException{33doGet(request,response);34}3536}ListCartServlet1packagexdp.gacl.session;23importjava.io.IOException;4importjava.io.PrintWriter;5importjava.util.List;6importjavax.servlet.ServletException;7importjavax.servlet.http.HttpServlet;8importjavax.servlet.http.HttpServletRequest;9importjavax.servlet.http.HttpServletResponse;10importjavax.servlet.http.HttpSession;1112publicclassListCartServletextendsHttpServlet{1314publicvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)15throwsServletException,IOException{16response.setContentType("text/html;charset=UTF-8");17PrintWriterout=response.getWriter();18HttpSessionsession=request.getSession();19List<Book>list=(List)session.getAttribute("list");20if(list==null||list.size()==0){21out.write("對(duì)不起，您還沒有購(gòu)買任何商品!!");22return;23}2425//顯示用戶買過(guò)的商品26out.write("您買過(guò)如下商品:<br>");27for(Bookbook:list){28out.write(book.getName()+"<br/>");29}30}3132publicvoiddoPost(HttpServletRequestrequest,HttpServletResponseresponse)33throwsServletException,IOException{34doGet(request,response);35}36}在禁用了cookie的IE8下的運(yùn)行效果如下：通過(guò)查看IndexServlet生成的html代碼可以看到，每一個(gè)超鏈接后面都帶上了session的Id，如下所示1本網(wǎng)站有如下書：<br/>javaweb開發(fā)<ahref='/JavaWeb_Session_Study_20140720/servlet/BuyServlet;jsessionid=96BDFB9D87A08D5AB1EAA2537CDE2DB2?id=1'>購(gòu)買</a><br/>2spring開發(fā)<ahref='/JavaWeb_Session_Study_20140720/servlet/BuyServlet;jsessionid=96BDFB9D87A08D5AB1EAA2537CDE2DB2?id=2'>購(gòu)買</a><br/>3hibernate開發(fā)<ahref='/JavaWeb_Session_Study_20140720/servlet/BuyServlet;jsessionid=96BDFB9D87A08D5AB1EAA2537CDE2DB2?id=3'>購(gòu)買</a><br/>4struts開發(fā)<ahref='/JavaWeb_Session_Study_20140720/servlet/BuyServlet;jsessionid=96BDFB9D87A08D5AB1EAA2537CDE2DB2?id=4'>購(gòu)買</a><br/>5ajax開發(fā)<ahref='/JavaWeb_Session_Study_20140720/servlet/BuyServlet;jsessionid=96BDFB9D87A08D5AB1EAA2537CDE2DB2?id=5'>購(gòu)買</a><br/>所以，當(dāng)瀏覽器禁用了cookie后，就可以用URL重寫這種解決方案解決Session數(shù)據(jù)共享問題。而且response.encodeRedirectURL(java.lang.String

url)和response.encodeURL(java.lang.String

url)是兩個(gè)非常智能的方法，當(dāng)檢測(cè)到瀏覽器沒有禁用cookie時(shí)，那么就不進(jìn)行URL重寫了。我們?cè)跊]有禁用cookie的火狐瀏覽器下訪問，效果如下：從演示動(dòng)畫中可以看到，瀏覽器第一次訪問時(shí)，服務(wù)器創(chuàng)建Session，然后將Session的Id以Cookie的形式發(fā)送回給瀏覽器，response.encodeURL(java.lang.String

url)方法也將URL進(jìn)行了重寫，當(dāng)點(diǎn)擊刷新按鈕第二次訪問，由于火狐瀏覽器沒有禁用cookie，所以第二次訪問時(shí)帶上了cookie，此時(shí)服務(wù)器就可以知道當(dāng)前的客戶端瀏覽器并沒有禁用cookie，那么就通知response.encodeURL(java.lang.String

url)方法不用將URL進(jìn)行重寫了。五、session對(duì)象的創(chuàng)建和銷毀時(shí)機(jī)5.1、session對(duì)象的創(chuàng)建時(shí)機(jī)在程序中第一次調(diào)用request.getSession()方法時(shí)就會(huì)創(chuàng)建一個(gè)新的Session，可以用isNew()方法來(lái)判斷Session是不是新創(chuàng)建的范例：創(chuàng)建session1//使用request對(duì)象的getSession()獲取session，如果session不存在則創(chuàng)建一個(gè)2HttpSessionsession=request.getSession();3/