笔记：Cookie与Session的使用与区别

http是无连接性要求出现一种保存C/S间状态的机制（服务器将内容发送给客户端后就断掉连接）

cookie：以“名-值”对的形式保存数据
1.服务器可以向客户端写内容
2.只能是文本内容
3.客户端可以阻止服务器写入
4.只能拿自己的WEBAPP写入的东西

import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.Cookie;import java.io.*;public class TestCookie extends HttpServlet {public TestCookie() {super();}protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException{response.setContentType("text/html;charse=gb2312");PrintWriter out = response.getWriter();/*向客户端写入cookie*/for(int i=0; i<5; i++) {Cookie cookie = new Cookie("cookie-name-" + i, "cookie-value-" + i);response.addCookie(cookie);}out.println("<html>" +"<head>" +"<title>TestCookie</title>" +"</head>" +"<body>" +"<table border='1'>" +"<tr>" +"<td>Cookie-name</td>" +"<td>cookie-value</td>" +"</tr>");/*从客户端读cookie数据*/Cookie cookies[] = request.getCookies();if(cookies != null) {Cookie cookie;for(int i=0; i<cookies.length; i++) {cookie = cookies[i];out.println("</tr>" +"<td>" + cookie.getName() + "</td>" +"<td>" + cookie.getValue()+ "</td>" + "</tr>");}}out.println("</table>" +"</body>" +"</html>");}protected void doPost(HttpServletRequest request, HttpServletResponse response)throws IOException, ServletException {doGet(request, response);}}

运行结果:

 

Session  

session是写在服务器端， Cookie是写在客户端。
 

Session两种实现方式：
1.通过Cookie实现（把Session的ID放在Cookie里面）；
2.通过URL重写实现；

规则：
如果浏览器支持Cookie， 创建Session的时候会把SessionID保存在Cookie里面；
如果不支持Cookie，必须自己变成使用URL重写的方式实现Session;
 response.encodeURL() 作用：转码，URL后面加入SessionID;

Session不像Cookie拥有路径访问的问题，同一个application下的servlet/jsp可以共享同一个Session,前提是同一个客户端窗口；

 

package com.xw;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import java.io.*;import java.util.Date;public class TestSession extends HttpServlet {public TestSession() {super();}protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {response.setContentType("text/html;charset=gb2312");PrintWriter out = response.getWriter();HttpSession session = request.getSession(true);//若没有session则创建Integer accessCount = (Integer)session.getAttribute("accessCount");String head = null;if(accessCount == null) {head = "welcome, new comer!";accessCount = new Integer(0);} else {head = "welcome back!";accessCount = new Integer(accessCount.intValue() + 1);}session.setAttribute("accessCount", accessCount);out.println("<html>");out.println("<head>");out.println("<title>servlet session</title>");out.println("</head>");out.println("<body>");out.println(head);out.println("<h3>servlet session</h3>");out.println("</br>new session:" + session.isNew());out.println("</br>session id:" + session.getId());out.println("</br>session create time:" + new Date(session.getCreationTime()));out.println("</br>session lastaccesstime:" + new Date(session.getLastAccessedTime()));out.println("</br>");out.println("<h3>request information</h3>");out.println("</br>request session Id:" + request.getRequestedSessionId());out.println("</br>cookie:" + request.isRequestedSessionIdFromCookie());out.println("</br>url:" + request.isRequestedSessionIdFromURL());out.println("</br>valid:" + request.isRequestedSessionIdValid());out.println("</br>access number:" + session.getAttribute("accessCount"));out.println("</br><a href="  + response.encodeURL("TestSession") + ">refresh</a>");out.println("</body>");out.println("</html>");out.close();}protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {doGet(request, response);}}