Session的工作原理

上一节中，谈到了session的工作原理（点击链接到上一节），但实际开发中，用户可能把cookie禁用了，意味着服务器向浏览器以cookie形式回送session的id号时，浏览器不接受这个id，那么在结账servlet中就不能再获取到这个session的id，就会创建一个新的session。

解决：url重写（点击超链接访问服务器时同时传递session的id）：

在访问首页时就创建session，创建session后，在每一个超链接后面都跟上session的id号，服务器端得到这个id，获得服务器里的session（getSession方法），那么就要重写所有的超链接，就是url重写。

例：

创建一个servlet:WelcomeServlet作为首页：

package cn.sun.session;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

//网站首页
@WebServlet("/WelcomeSession")
public class WelcomeSession extends HttpServlet {
private static final long serialVersionUID = 1L;

public WelcomeSession() {
super();
}

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out=response.getWriter();

request.getSession(); //创建session

String url1=response.encodeURL("/day07/SessionDemo1");  //该方法实现url重写，会自动在这个url地址后面加上session的id号
String url2=response.encodeURL("/day07/SessionDemo2");

//输出超链接
out.print("<a href='"+url1+"'>购买</a>  ");
out.print("<a href='"+url2+"'>结账</a>");
}

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
}

SessionDemo1：

package cn.sun.session;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

//购买Servlet
@WebServlet("/SessionDemo1")
public class SessionDemo1 extends HttpServlet {
private static final long serialVersionUID = 1L;

public SessionDemo1() {
super();
}

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession(); //得到用户的session

//为cookie设置有效期
String sessionid=session.getId();  //得到session的ID
Cookie cookie=new Cookie("JSESSIONID",sessionid); //回写一个与服务器回写的cookie同名的cookie，将其覆盖（就是覆盖服务器回写的cookie）。注：服务器回写的session的名称叫JSESSIONID
cookie.setPath("/day07");  //设置相同的path将其覆盖
cookie.setMaxAge(30*60);   //设置有效期为30分钟
response.addCookie(cookie);  //回写session

session.setAttribute("name", "洗衣机"); //存储用户购买的物品
}

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}

}

SessionDemo2：

package cn.sun.session;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

//结账servlet
@WebServlet("/SessionDemo2")
public class SessionDemo2 extends HttpServlet {
private static final long serialVersionUID = 1L;

<
4000
span class="hljs-keyword">public SessionDemo2() {
super();
}

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out=response.getWriter();

HttpSession session = request.getSession();  //得到来访者的session
String product = (String) session.getAttribute("name");  //得到用户购买的产品

out.write("您购买的商品是："+product);
}

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}

}

运行WelcomeServlet：



点击购买，再点击结账：