【JavaWeb】Session

Session是服务器端技术，利用这个技术，服务器在运行时可以为每一个用户的浏览器创建一个其独享的session对象，由于session为用户浏览器独享，所以用户在访问服务器的web资源时，可以把各自的数据放在各自的session中，当用户再去访问服务器中的其它web资源时，其它web资源再从用户各自的session中取出数据为用户服务。

/******************************************************************************* * session的几个相关问题： * 1.服务器实现session共享是基于cookie技术，服务器在创建session时，会自动把sessionID号以cookie的形式写回给浏览器，只是cookie有效期没有设置。 * 2.如果要实现多窗口购买，这时程序就要手工以cookie的形式发送sessionID号给浏览器，并设置cookie有效期，以及有效路径（/test） * 3.如果用户禁用 cookie后，服务器程序还能实现session共享，那这时，就要把网站所有涉及会话的url地址全部要重写 *  * ******************************************************************************/public class SessionDemo1 extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {HttpSession session = request.getSession();String data = "xxxxx";session.setAttribute("data", data);}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}

用session来防止表单重复提交

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html>  <head>    <title>form2.html</title>    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">    <meta http-equiv="description" content="this is my page">    <meta http-equiv="content-type" content="text/html; charset=UTF-8">        <!--<link rel="stylesheet" type="text/css" href="./styles.css">-->  </head>  <body>   <form action="/test/servlet/FormServlet"  method="post">    用户名：<input type="text" name="username"><input type="submit" value="登陆">    </form>  </body></html>

//负责输出一个表单给用户public class FormServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {response.setCharacterEncoding("UTF-8");response.setContentType("text/html;charset=UTF-8");PrintWriter out = response.getWriter();String token = TokenProccessor.getInstance().makeToken();request.getSession().setAttribute("token", token);out.println("<form action='/test/servlet/DoSubmitServlet' method='post'>");out.write("<input type='hidden' name='token' value='"+token+"'>\r\n");out.write("<input type='text' name='username'>\r\n");out.write("<input type='submit' value='提交'>\r\n");out.write("</form>\r\n");System.out.println("token"+token);}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}//随机数生成器   保证随机数的唯一性，所有随机数都由这一个对象产生。这样产生相同的随机数的几率较小。class TokenProccessor{//1.把构造函数私有//2.自己创建一个类的对象//3.提供方法获取类的对象private TokenProccessor(){}private static TokenProccessor instance = new TokenProccessor();public static TokenProccessor getInstance(){return instance;}public String makeToken(){// 28378232323 232323   9239283983292 11String token = System.currentTimeMillis() + new Random().nextInt(1000000) + "";//得到数据指纹  //md5  消息摘要try {MessageDigest digest = MessageDigest.getInstance("md5");byte result[] = digest.digest(token.getBytes());  //128    16  固定长度。BASE64Encoder encoder = new BASE64Encoder();  //Base64将三字节变成四字节(由原来的8位截前6位然后在前面补00,所以取值范围0-63)token = encoder.encode(result);} catch (NoSuchAlgorithmException e) {throw new RuntimeException(e);}return token;}}

//处理表单提交请求，要防表单重复提交public class DoSubmitServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {boolean b = isToken(request);   //bif(b){System.out.println("重复提交");return;}System.out.println("处理表单提交请求！！");request.getSession().removeAttribute("token");}private boolean isToken(HttpServletRequest request) {String c_token = request.getParameter("token");System.out.println("c_token"+c_token);if(c_token==null){return true;}String s_token = (String) request.getSession().getAttribute("token");if(s_token==null){return true;}if(!c_token.equals(s_token)){return true;}return false;}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}