pom.xml
web.xml
<servlet> <servlet-name>mySession</servlet-name> <servlet-class>com.lym.SessionServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>mySession</servlet-name> <url-pattern>/mySession</url-pattern> </servlet-mapping> <servlet> <servlet-name>getmySession</servlet-name> <servlet-class>com.lym.SessionGetServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>getmySession</servlet-name> <url-pattern>/getmySession</url-pattern> </servlet-mapping> <servlet> <servlet-name>deletemySession</servlet-name> <servlet-class>com.lym.SessionDeleteServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>deletemySession</servlet-name> <url-pattern>/deletemySession</url-pattern> </servlet-mapping> <session-config> <session-timeout>30</session-timeout> </session-config> SessionServlet.java import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; /** * @version SessionServlet, v 0.1 2020/7/1 1:07 */ public class SessionServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { //第一次请求时 //Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 //Accept-Encoding: gzip, deflate, br //Accept-Language: zh-CN,zh;q=0.9,en;q=0.8 //Connection: keep-alive //Host: localhost:888 //Upgrade-Insecure-Requests: 1 //User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 //第一次响应 // Content-Length: 32 // Date: Tue, 30 Jun 2020 17:14:16 GMT // Server: Apache-Coyote/1.1 // Set-Cookie: JSESSIONID=C65F8BA23FFF70C6447D4D1ED30FED21; Path=/d/; HttpOnly //第二次请求时 //Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 //Accept-Encoding: gzip, deflate, br //Accept-Language: zh-CN,zh;q=0.9,en;q=0.8 //Cache-Control: max-age=0 //Connection: keep-alive //Cookie: JSESSIONID=F689BBA4DD885385C59B827D2C1A9B42 //Host: localhost:888 //Upgrade-Insecure-Requests: 1 //User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 //第二次响应 // Content-Length: 32 // Date: Tue, 30 Jun 2020 17:15:52 GMT // Server: Apache-Coyote/1.1 //实质:根据JSESSIONID是否在服务器端存在 /** * 创建属于该客户端(会话)的私有session区域 * req.getSession()方法内部会判断该客户端在服务器端是否已经存在session * 如果该客户端在服务器端不存在session,那么就会创建一个新的session对象,并将JSESSIONID返回给客户端 * 如果该客户端在此服务器已经存在session,则获取对应的session并返回 * 论证如上述的第一次请求和第二次请求的返回头信息 * 论证:如果此时清除了本地的cookie时,那么本地的cookie中的 JSESSIONID为空,那么再次访问时会返回新的JSESSIONID */ HttpSession session = req.getSession(); String id = session.getId(); session.setAttribute("name","ami"); System.out.println(id); resp.getWriter().write(id); //销毁session三种方式 //1.web.xml session-config配置超时时间 // 1.1服务器设置tomcat conf中也有配置 // 如果web.xml中设置了超时时间,则使用web.xml中,如果没有设置则使用服务器设置,时间单位为分钟 // 30分钟如何计算:从不操作服务器端的资源时开始计时[最后一次操作session时开始计时] //2.浏览器关闭-如果时正常关闭时,session会存储磁盘,如果为非正常关闭时,则什么都不做? // 需要测试补充.. //3.session.invalidate(); } @Override protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { this.doGet(req,resp); } } SessionGetServlet.java /** * @version SessionGetServlet, v 0.1 2020/7/1 1:30 * @Content */ public class SessionGetServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { HttpSession session = req.getSession(); String id = session.getId(); Object name = session.getAttribute("name"); System.out.println(id); System.out.println(name); } @Override protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { this.doGet(req,resp); } } SessionDeleteServlet.java /** * @version SessionDeleteServlet, v 0.1 2020/7/1 1:32 */ public class SessionDeleteServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { HttpSession session = req.getSession(); String id = session.getId(); session.removeAttribute("name"); System.out.println(id); //请求 //Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 //Accept-Encoding: gzip, deflate, br //Accept-Language: zh-CN,zh;q=0.9,en;q=0.8 //Connection: keep-alive //Cookie: JSESSIONID=1D891F3DDE26ED6CA7BFA860550C59EA //Host: localhost:888 //Upgrade-Insecure-Requests: 1 //User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 //响应 // Content-Length: 0 // Date: Tue, 30 Jun 2020 17:53:01 GMT // Server: Apache-Coyote/1.1 // Set-Cookie: JSESSIONID=B6CEE03C6981C4BAFC98AF0F77CA0F51; Path=/d/; HttpOnly //再次请求时 // Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 //Accept-Encoding: gzip, deflate, br //Accept-Language: zh-CN,zh;q=0.9,en;q=0.8 //Cache-Control: max-age=0 //Connection: keep-alive //Cookie: JSESSIONID=B6CEE03C6981C4BAFC98AF0F77CA0F51 //Host: localhost:888 //Upgrade-Insecure-Requests: 1 //User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 session.invalidate(); } @Override protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { this.doGet(req,resp); } }验证的方式:
http://localhost:888/d/mySession http://localhost:888/d/getmySession http://localhost:888/d/deletemySession http://localhost:888/d/getmySession
