Session学习总结

Session

session主要的用途就是来识别客户端.1.创建。  当浏览器第一次访问服务器的动态资源就创建  --> request.getSession();2.存活  应用运行时，活着.3.销毁  Session.invalidate();//强制销毁  超时：默认30分钟.  setMaxInactiveInterval(int s);  <session-config>      <session-timeout>1</session-timeout>  </session-config>

一个实例:Session保存验证码的信息

一个jsp:用来显示页面

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html>  <head>  </head>  <body>    <%        String msg = (String)request.getAttribute("msg");        if(msg!=null){            out.print(msg);        }     %>    <form action="/HttpSession/doLogin" method="post">        用户名：<input type="text" name="userName"/><br>        密码：<input type="password" name="pwd"/><br>        验证码：<input type="text" name="code"/>        <img src="/HttpSession/codeServlet" >看不清换一张</a><br>        <input type="submit" value="登录"/><br>    </form>  </body></html>

这是验证码错误的情况：

页面中img访问的一个Servlet

package com.mec.servlet;import java.io.IOException;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import cn.dsna.util.images.ValidateCode;@WebServlet(name = "codeServlet", urlPatterns = { "/codeServlet" })public class CodeServlet extends HttpServlet {    private static final long serialVersionUID = 1L;    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {        ValidateCode vc = new ValidateCode(110, 25, 4, 9);//产生一个验证码        String scode = vc.getCode();//得到验证码的数字        request.getSession().setAttribute("scode", scode);//当第一次访问时，记录验证码的内容        vc.write(response.getOutputStream());//显示到页面    }    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {        // TODO Auto-generated method stub        doGet(request, response);    }}

处理登录的Servlet

package com.mec.servlet;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;/** * Servlet implementation class DoLoginServlet */@WebServlet(name = "doLogin", urlPatterns = { "/doLogin" })public class DoLoginServlet extends HttpServlet {    private static final long serialVersionUID = 1L;    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {        request.setCharacterEncoding("UTF-8");        response.setContentType("text/html;charset=UTF-8");        PrintWriter out = response.getWriter();        //获取表单数据        String userName = request.getParameter("userName");        String pwd = request.getParameter("pwd");        String code = request.getParameter("code");        //处理业务逻辑        String scode = (String) request.getSession().getAttribute("scode");//在session域中寻找        //分发转向        if("tom".equals(userName) && "123".equals(pwd)) {            if(!code.equalsIgnoreCase(scode)) {                String msg = "验证码错误！";                request.setAttribute("msg", msg);//request域外，不能重定向                request.getRequestDispatcher("/index.jsp").forward(request, response);            }            out.write("登陆成功！");        }    }    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {        // TODO Auto-generated method stub        doGet(request, response);    }}

验证成功：

代码流程：

1.开启服务器后，访问.http://localhost:8080/HttpSession/index.jsp-->此时会访问CodeServlet,将创建好的ValidateCode写到index.jsp,并且保存此时的session,服务器会随机产生一个JSessionId设置到Cookie中返回浏览器2.填写用户名，密码。（这里只是一个test，"tom", "123"）3.填写验证码数字，并点击登录。此时会访问DoLoginServlet, 在这里得到session。在session域中会有上次保存的验证码信息，两者进行比对。符合条件则输出登录成功，否则将错误信息分发转向到index.jsp中。(代码中的错误信息属于在request域外的内容，所以要转发，不能重定向)