Session and session management technology

1、 Conversation Overview ：

 What is conversation ：
 Log in to Taobao from , Refresh the page multiple times , Finally quit Taobao , The whole process is a conversation .  The characteristics of conversation ： Contains multiple requests , One complete session for a user .
 Session management technology ：
  The first one is ：cookie technology , Client technology . 
  The second kind ：session technology , Server technology .
 Shopping cart case list ： After buying the goods , Join the car purchase , What is the appropriate object to store the purchased goods ？
1. Use request The domain object holds the product information ：
 Conclusion ： Use request Saving product information is not allowed , Because every time you send a request , Will generate a new request object .
2. Use ServletContext The domain object holds the product information 
 Conclusion ： Use ServletContext Object to save product information , Sure , But it doesn't make sense .  So in development , Save the data generated during the session , Using session management technology , That is to use cookie and session technology   To save the data generated during the session .

2、Cookie object

1.1  What is? cookie:
Cookie Is a session management technology , It is used to save the data generated during the session , Then when the browser interacts with the server ,
 Will use cookie The data stored in it .
 Be careful ： First access to the server , Browsers don't carry cookie To the server .

1.2 Cookie frequently-used API
1. Construction method ：
1. obtain cookie object ：Cookie cookie = new Cookie(String key,String value);
2.Cookie Class ：
2. Write back （ Respond to ）cookie To browser side ： response.addCookie(cookie);
3. obtain cookie The name of  ：String key= cookie.getName(),
 obtain cookie Value ： String value =cookie.getValue();
4. to cookie Set life duration ： setMaxAge(int sr);
 such as ：cookie.setMaxAge(606024*7), explain cookie Can survive 7 God ;
cookie classification ：  The first category ： Session level cookie, Browser closed ,cookie The object is destroyed .  The second category ： Persistence cookie, adopt setMaxAge This method is used to set up .
5. to cookie Set the path , Set domain name ：
setPath( The path of url),setDomain( domain name );
 such as ： The domain name is the server name , for instance ：www.baidu.com
6. obtain cookie: Cookie[] cookies = request.getCookies();

1.3  Displays the last access time of the user ：
 Implementation steps ：
1. Determine whether this is the first visit ：
 If cookie There's time in it , It is not the first time to visit .
2. If it's a first visit , establish cookie, Storage time , Put this cookie Write back to the browser .
3. If it's not my first visit , Write the time back to the browser , Remember the current time , Save time cookie Inside .

3.、Session object

1.1  What is? session
session Is a session management technology ,session Used to save data during the session , The saved data is stored on the server side .
session principle ： be based on cookie Realized , More specifically, it is based on session level cookie Realized .
1.2 HttpSession API
session Common methods ：
1. obtain session Of id(JESSIONID Corresponding value )： getId();
2. Set up session Life span of ：setMaxInactiveInterval(int interval)
3. The destruction session: invalidate();
 obtain session: HttpSession session = getSession();
session Domain object ： Scope a full session （ Contains multiple requests ）
1. Store value ： setAttribute(String key,Object obj);
2. Value ： Object obj =getAttribute(String key);
3. remove ： removeAttribute(String key);
 Summary domain object ：request Domain object  session Domain object  servletContext Domain object , The scope of action becomes larger . request Domain object ： Scope a request , Usually used in conjunction with forwarding operations  session Domain object ： Scope a conversation , Usually used in conjunction with redirection 
servletContext Domain object ： The whole project , Redirection 、 Forwarding operations can be used together .

1.3 Session  Timeout Management 
session The object has a lifetime , Its default lifetime is 30 minute .
 Specific configuration tomcat The software conf In the catalog web.xml file , as follows ：
30

 Destroy immediately session object ：invalidate();

1.4  Realize shopping cart ：
1. establish Book Encapsulate book information ：Book
2. establish BookDB, Analog database , There are books in it 
3. Provide the purchase page of books ：ListBookServlet
4. Add cart ：PurcharseServlet
5. Echo shopping cart book information ：CartServlet

 If the browser is disabled cookie, Our shopping cart function can't be realized , because session Is based on cookie Realized .
 Solution ： Prompt the user to turn on cookie.

1.5  Implement user login 
1. Create a User class , Encapsulate user name and password 
2. Provide a homepage , Welcome to login ：IndexServlet, Provide an exit link .
3. Provide a login servelt: Processing login requests 
4. Provide an exit servlet: Handle the request to exit the front page .