当前位置: 文江博客话题详情

Java 中的会话是什么?

发布于 2024-09-17 20:36:28 字数 1108 浏览 9 评论 0原文

到目前为止我了解了Java中的HttpSession概念。

 HttpSession ses = req.getSession(true);

将根据请求创建一个会话对象。

setAttribute("String", object);

将,将“字符串”和值与会话对象绑定。

getAttribute("String");

将返回与指定字符串关联的对象。

我无法理解的是:我正在创建一个会话对象,例如 HttpSession ses = req.getSession(true); 并通过调用 setAttribute("String", object); 为其设置名称。 在这里,此代码驻留在服务器内部。对于每个人来说,当他尝试登录时,服务器中的相同代码将被执行。 setAttribute("String", object); 在此方法中,字符串值是常量 1。因此,创建的每个会话对象都将由我提供的相同字符串绑定。当我尝试检索字符串以验证他的会话时或在注销操作时采取 getAttribute("String"); 将返回相同的常量字符串值(我对吗!!?实际上我不'不知道,我只是在考虑它的执行逻辑)。那我怎么才能失效呢。

我在网上的所有教程中都看到过这种类型的插图。这是设置该属性的实际方法吗?或者,真正的应用程序开发人员会在“String”字段中给出一个变量来动态设置它

(即session.setAttribut(userName,userName); //Setting the String Dynamically..我不知道它是否正确。 )

我的最后一个问题是

WebContext ctx = WebContextFactory.get();
request = ctx.getHttpServletRequest();

上面两行的作用是什么? ctx 和 ctx 中将存储什么?要求? HttpSession ses = req.getSession(true); 将创建新的会话方法。 ses 中存储了什么值。

原文

So far I understand Httpsession concepts in Java.

 HttpSession ses = req.getSession(true);

will create a session object, according to the request.

setAttribute("String", object);

will, bind the 'String', and value with the Session object.

getAttribute("String");

will return an object associated with the string, specified.

What I am not able to understand is: I am creating a session object like
HttpSession ses = req.getSession(true);
and setting a name for it by calling setAttribute("String", object);.
Here, This code resides inside the server. For every person, when he tries to login the same code in the server will be executed. setAttribute("String", object); in this method the string value is a constant one. So, each session object created will be binded by the same string which I have provided. When I try to retrieve the string to validate his session or while logout action taken the getAttribute("String"); ll return the same constant string value(Am I right!!?? Actually I don't know, I'm just thinking of its logic of execution). Then, how can I be able to invalidate.

I saw this type of illustration in all of the tutorials on the WEB. Is it the actual way to set that attribute? Or, real application developers will give a variable in the "String" field to set it dynamically

(ie. session.setAttribut(userName, userName); //Setting the String Dynamically.. I dono is it right or not.)

And my final question is

WebContext ctx = WebContextFactory.get();
request = ctx.getHttpServletRequest();

What do the two lines above do? What will be stored in ctx & request?
HttpSession ses = req.getSession(true); will creates new session means. What value stored in ses.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

逆夏时光 2024-09-24 20:36:28

一些[随机]精度:

  1. 您不需要登录/注销机制来进行会话。
  2. 在 java servlet 中,使用两种机制跟踪 HTTP 会话:HTTP cookie(最常用)或 URL 重写(以支持没有 cookie 或禁用 cookie 的浏览器)。仅使用 cookie 很简单,您无需执行任何特殊操作。对于 URL 重写,您需要修改所有指向 Servlet/过滤器的 URL。
  3. 每次调用 request.getSession(true) 时,都会检查 HttpRequest 对象,以便查找编码在 cookie 中或/和 URL 路径中的会话 ID参数(分号后面的内容)。如果找不到会话 ID,servlet 容器(即服务器)将创建一个新会话。
  4. 会话 ID 作为 Cookie 添加到响应中。如果您还想支持 URL 重写,则应使用 response.encodeURL() 方法修改 HTML 文档中的链接。如果未找到会话 ID 或会话 ID 引用无效会话,则调用 request.getSession(false) 或简单地调用 request.getSession() 将返回 null。
  5. 访问有一个 HTTP 会话,因为 Java 会话 cookie 不会永久存储在浏览器中。因此会话对象不在客户端之间共享。每个用户都有自己的私人会话。
  6. 如果在给定时间内未使用,会话将自动销毁。超时值可以在 web.xml 文件中配置。
  7. 可以使用 invalidate() 方法显式使给定会话失效。
  8. 当人们谈论 JSESSIONID 时,他们指的是用于在 Java 中进行会话跟踪的 HTTP cookie 的标准名称。

Some [random] precisions:

  1. You don't need login/logout mechanisms in order to have sessions.
  2. In java servlets, HTTP sessions are tracked using two mechanisms, HTTP cookie (the most commonly used) or URL rewriting (to support browsers without cookies or with cookies disabled). Using only cookies is simple, you don't have to do anything special. For URL re-writing, you need to modify all URLs pointing back to your servlets/filters.
  3. Each time you call request.getSession(true), the HttpRequest object will be inspected in order to find a session ID encoded either in a cookie OR/AND in the URL path parameter (what's following a semi-colon). If the session ID cannot be found, a new session will be created by the servlet container (i.e. the server).
  4. The session ID is added to the response as a Cookie. If you want to support URL re-writing also, the links in your HTML documents should be modified using the response.encodeURL() method. Calling request.getSession(false) or simply request.getSession() will return null in the event the session ID is not found or the session ID refers to an invalid session.
  5. There is a single HTTP session by visit, as Java session cookies are not stored permanently in the browser. So sessions object are not shared between clients. Each user has his own private session.
  6. Sessions are destroyed automatically if not used for a given time. The time-out value can be configured in the web.xml file.
  7. A given session can be explicitly invalidated using the invalidate() method.
  8. When people are talking about JSESSIONID, they are referring to the standard name of the HTTP cookie used to do session-tracking in Java.
回复 原文
天邊彩虹 2024-09-24 20:36:28

我建议您阅读教程 关于 Java 会话。每个用户根据 Java Web 服务器发送到浏览器的 JSESSIONID 请求/响应参数获取不同的 HttpSession 对象。因此,每个用户都可以拥有一个同名的属性,并且为该属性存储的值对于所有用户来说都是不同的。

此外,WebContextFactory 和 WebContext 是 DWR 类,它们提供了一种获取 servlet 参数的简单方法。

I suggest you read a tutorial on Java sessions. Each user gets a different HttpSession object, based on a JSESSIONID request/response parameter that the Java web server sends to the browser. So every user can have an attribute with the same name, and the value stored for this attribute will be different for all users.

Also, WebContextFactory and WebContext are DWR classes that provide an easy way to get the servlet parameters.

回复 原文
枕头说它不想醒 2024-09-24 20:36:28

据我了解,您担心的是在 HttpSession 中存储内容时不同用户的分离。

Servlet 容器(例如 Tomcat)利用其 JSESSIONID 来处理此问题。

故事是这样的:

  1. 用户首先登录网站。
  2. Servlet 容器设置 COOKIE
    用户的浏览器,存储一个唯一的
    jsessionId。
  3. 每次用户点击
    网站,JSESSIONID cookie 是
    送回来了。
  4. Servlet 容器使用它来
    跟踪谁是谁。
  5. 同样,这就是它跟踪的方式
    数据的分离。每一个
    用户有自己的存储桶
    唯一标识的对象
    JSSessionID。

希望这(至少部分)回答了您的问题。

干杯

As I understand it, your concerns are about separation of the different users when storing things in the HttpSession.

The servlet container (for example Tomcat) takes care of this utilizing its JSESSIONID.

The story goes like this :

  1. User first logs onto website.
  2. Servlet container sets a COOKIE on
    the user's browser, storing a UNIQUE
    jsessionId.
  3. Every time the user hits the
    website, the JSESSIONID cookie is
    sent back.
  4. The servlet container uses this to
    keep track of who is who.
  5. Likewise, this is how it keeps track
    of the separation of data. Every
    user has their own bucket of
    objects uniquely identified by the
    JSESSIONID.

Hopefully that (at least partially) answers your question.

Cheers

回复 原文
风苍溪 2024-09-24 20:36:28

您的基本 servlet 将如下所示

public class MyServlet{

public doGet(HttpServletRequest req, HttpServletResponse res){
//Parameter true: 
//    create session if one does not exist. session should never be null 
//Parameter false: 
//    return null if there is no session, used on pages where you want to 
//    force a user to already have a session or be logged in
//only need to use one of the two getSession() options here. 
//Just showing both for this test
HttpSession sess = req.getSession(true);
HttpSession sess2 = req.getSession(false); 

//set an Attribute in the request. This can be used to pass new values
//to a forward or to a JSP
req.setAttribute("myVar", "Hello World");
}

}

无需为已完成的会话设置任何属性名称。正如其他人在其他答案中建议的那样,使用 cookie 或 URL 重写来为您存储 sessionID。

当您处理 DWR WebContext 时,它只是执行与上面相同的操作,只是通常不会将 Request 对象传递到方法中,因此您使用 WebContext 来获取该请求

public class DWRClass {
 public doSomething(){
WebContext ctx = WebContextFactory.get();
HttpServletRequest req = ctx.getHttpServletRequest();
HttpSession sess = req.getSession(); //no parameter is the same as passing true

//Lets set another attribute for a forward or JSP to use
ArrayList<Boolean> flags = new ArrayList<Boolean>();
req.setAttribute("listOfNames", flags);
}
}

Your basic servlet is going to look like

public class MyServlet{

public doGet(HttpServletRequest req, HttpServletResponse res){
//Parameter true: 
//    create session if one does not exist. session should never be null 
//Parameter false: 
//    return null if there is no session, used on pages where you want to 
//    force a user to already have a session or be logged in
//only need to use one of the two getSession() options here. 
//Just showing both for this test
HttpSession sess = req.getSession(true);
HttpSession sess2 = req.getSession(false); 

//set an Attribute in the request. This can be used to pass new values
//to a forward or to a JSP
req.setAttribute("myVar", "Hello World");
}

}

There is no need to set any attribute names for your session that is already done. As others have suggested in other answers, use cookies or URL re-writing to store the sessionID for you.

When you are dealing with the DWR WebContext, it is simply doing the same thing as above, just normally the Request object isn't passed into the method, so you use the WebContext to get that request for you

public class DWRClass {
 public doSomething(){
WebContext ctx = WebContextFactory.get();
HttpServletRequest req = ctx.getHttpServletRequest();
HttpSession sess = req.getSession(); //no parameter is the same as passing true

//Lets set another attribute for a forward or JSP to use
ArrayList<Boolean> flags = new ArrayList<Boolean>();
req.setAttribute("listOfNames", flags);
}
}
回复 原文
~没有更多了~

关于作者

深海蓝天

暂无简介

0 文章
0 评论
25 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

苦中寻乐

文章 0 评论 0

lueluelue

文章 0 评论 0

嗼ふ静

文章 0 评论 0

王权女流氓

文章 0 评论 0

与花如笺

文章 0 评论 0

残酷

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文