- 服务端给客户端一个信件,证明他已经访问过服务端,下次再访问的时候识别到这个信件即可访问,这个信件保存在客户端:cookie
- 服务端标记已经访问过的客户端,下次访问的时候和标记进行对比,对比成功即可访问:session
常见应用:网站登录过一次后,下次进行访问不用再登陆了。
Cookie- 从请求中拿到cookie
- 第一次访问获得一个cookie(信件),保存在客户端
- 不是第一次访问的话,会在cookie数组中找到cookie
public class CreateCookie extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//设置编码类型,防止中文乱码
req.setCharacterEncoding("utf-8");
resp.setContentType("text/html");
resp.setCharacterEncoding("utf-8");
PrintWriter out = resp.getWriter();
//因为cookie保存在客户端中,所以从请求中获取一个cookie的数组
Cookie[] cookies = req.getCookies();
//如果不是第一次访问,cookie会保存在cookie数组中,循环遍历数组
int i = 0;
while (i < cookies.length) {
if (cookies[i].getName().equals("dateTime")) {
long l = Long.parseLong(cookies[i].getValue());
Date date = new Date(l);
out.write("第一次访问的日期为:" + date.toLocaleString());break;
}
i++;
}
//如果是第一次访问,把cookie添加到cookie数组中,服务端给客户端响应一个cookie
if (i == cookies.length) {
out.write("第一次访问cookie并添加访问日期");
Cookie cookie = new Cookie("dateTime", System.currentTimeMillis() + "");
cookie.setMaxAge(86400); //设置cookie的持续时间为一天,以"秒"为单位
resp.addCookie(cookie);
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
一个网站的cookie是否存在上限
- 一个cookie只能存放一个信息
- 一个web站点可以给客户端多个cookie,但上限为20个
- cookie大小有限制
- 300个cookie为浏览器的上限,即一个cookie数组最多存放300个cookie
删除cookie
- 不设置有效期,直接关闭浏览器,cookie自动失效
- 设置有效期为0
public class DestoryCookie extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("dateTime", System.currentTimeMillis() + ""); //cookie的名字一定要和保存到cookie数组中的名字一样,不然没有效果
cookie.setMaxAge(0); //设置有效期为0
resp.addCookie(cookie);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
什么是session:
- 服务端会给每个客户端创建一个标记,相当于登记了这个客户端,session就是这个标记,有一个唯一的sessionId
- 一个session独占一个浏览器,只要浏览器没有关闭,这个session就存在
session在创建时实际做的事:
//前一个为session的名字,后一个为session唯一的id
Cookie cookie = new Cookie("JSESSIONID", "1B6AB1CE1F5395AF8EC38FAE8ABFCA35");
resp.addCookie(cookie);
- 在session中存放数据
public class CreatSession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.setCharacterEncoding("utf-8");
resp.setCharacterEncoding("utf-8");
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
HttpSession session = req.getSession();
//在session中存放一个user
session.setAttribute("user", "XXXX");
//浏览器一打开session就会存在,所以一开始走的就是else,如果手动删除或者设置session有效期后,走的就是if
if (session.isNew())
out.write("第一次创建session:" + session.getId());
else
out.write("session已经存在!" + " session的ID为:" + session.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
- 从session中获取数据
public class GetSession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.setCharacterEncoding("utf-8");
resp.setCharacterEncoding("utf-8");
resp.setContentType("text/html");
HttpSession session = req.getSession();
String user = (String) session.getAttribute("user"); //获取user
resp.getWriter().write(user);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
- 删除session
手动删除
public class DestorySession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
session.invalidate();
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
设置有效期(在web.xml中配置)
<session-config>
<session-timeout>15session-timeout>
session-config>
cookie和session的区别
- cookie是把用户的数据写给客户端,保存在客户端(浏览器)
- session把用户的数据写到用户独占的session,由服务端保存(只保存重要的信息,避免浪费)
- session对象由服务器创建
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)