forked from dunwu/java-tutorial
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathjavaee-cookie-sesion.html
More file actions
368 lines (333 loc) · 103 KB
/
javaee-cookie-sesion.html
File metadata and controls
368 lines (333 loc) · 103 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<title>JavaEE 之 Cookie 和 Session | JAVA-TUTORIAL</title>
<meta name="generator" content="VuePress 1.8.2">
<link rel="icon" href="/java-tutorial/favicon.ico">
<meta name="description" content="Java 教程">
<link rel="preload" href="/java-tutorial/assets/css/0.styles.3905bb84.css" as="style"><link rel="preload" href="/java-tutorial/assets/js/app.a78650bc.js" as="script"><link rel="preload" href="/java-tutorial/assets/js/4.3daae55c.js" as="script"><link rel="preload" href="/java-tutorial/assets/js/12.26a5f560.js" as="script"><link rel="preload" href="/java-tutorial/assets/js/5.dfd352df.js" as="script"><link rel="prefetch" href="/java-tutorial/assets/js/10.f6a1f2f8.js"><link rel="prefetch" href="/java-tutorial/assets/js/11.fce673de.js"><link rel="prefetch" href="/java-tutorial/assets/js/13.02678d53.js"><link rel="prefetch" href="/java-tutorial/assets/js/14.630ad3d4.js"><link rel="prefetch" href="/java-tutorial/assets/js/15.b5901fa4.js"><link rel="prefetch" href="/java-tutorial/assets/js/16.57c4b895.js"><link rel="prefetch" href="/java-tutorial/assets/js/17.d36e0244.js"><link rel="prefetch" href="/java-tutorial/assets/js/18.9773326e.js"><link rel="prefetch" href="/java-tutorial/assets/js/19.df51683a.js"><link rel="prefetch" href="/java-tutorial/assets/js/20.2023917a.js"><link rel="prefetch" href="/java-tutorial/assets/js/21.07ae8e94.js"><link rel="prefetch" href="/java-tutorial/assets/js/22.aee4b08b.js"><link rel="prefetch" href="/java-tutorial/assets/js/23.0f881b51.js"><link rel="prefetch" href="/java-tutorial/assets/js/24.da2c1d7f.js"><link rel="prefetch" href="/java-tutorial/assets/js/25.238d0a91.js"><link rel="prefetch" href="/java-tutorial/assets/js/26.429efd8b.js"><link rel="prefetch" href="/java-tutorial/assets/js/27.4e69faca.js"><link rel="prefetch" href="/java-tutorial/assets/js/28.ea41eb2c.js"><link rel="prefetch" href="/java-tutorial/assets/js/29.eb38f980.js"><link rel="prefetch" href="/java-tutorial/assets/js/30.861306a4.js"><link rel="prefetch" href="/java-tutorial/assets/js/31.51ff2772.js"><link rel="prefetch" href="/java-tutorial/assets/js/32.906a9d26.js"><link rel="prefetch" href="/java-tutorial/assets/js/33.46629ea8.js"><link rel="prefetch" href="/java-tutorial/assets/js/34.74fbb327.js"><link rel="prefetch" href="/java-tutorial/assets/js/35.cb57f554.js"><link rel="prefetch" href="/java-tutorial/assets/js/36.bb28fa41.js"><link rel="prefetch" href="/java-tutorial/assets/js/37.d8790cc9.js"><link rel="prefetch" href="/java-tutorial/assets/js/38.a080a14c.js"><link rel="prefetch" href="/java-tutorial/assets/js/6.249802e3.js"><link rel="prefetch" href="/java-tutorial/assets/js/7.1e5f973a.js"><link rel="prefetch" href="/java-tutorial/assets/js/8.b7d849be.js"><link rel="prefetch" href="/java-tutorial/assets/js/9.f56536d9.js"><link rel="prefetch" href="/java-tutorial/assets/js/vendors~flowchart.610e92a1.js"><link rel="prefetch" href="/java-tutorial/assets/js/vendors~notification.3e916219.js">
<link rel="stylesheet" href="/java-tutorial/assets/css/0.styles.3905bb84.css">
</head>
<body>
<div id="app" data-server-rendered="true"><div class="theme-container"><header class="navbar"><div class="sidebar-button"><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" role="img" viewBox="0 0 448 512" class="icon"><path fill="currentColor" d="M436 124H12c-6.627 0-12-5.373-12-12V80c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12zm0 160H12c-6.627 0-12-5.373-12-12v-32c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12zm0 160H12c-6.627 0-12-5.373-12-12v-32c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12z"></path></svg></div> <a href="/java-tutorial/" class="home-link router-link-active"><img src="https://raw.githubusercontent.com/dunwu/images/dev/common/dunwu-logo-200.png" alt="JAVA-TUTORIAL" class="logo"> <span class="site-name can-hide">JAVA-TUTORIAL</span></a> <div class="links"><div class="search-box"><input aria-label="Search" autocomplete="off" spellcheck="false" value=""> <!----></div> <nav class="nav-links can-hide"><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="工具" class="dropdown-title"><span class="title">工具</span> <span class="arrow down"></span></button> <button type="button" aria-label="工具" class="mobile-dropdown-title"><span class="title">工具</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="/java-tutorial/javatool/build/" class="nav-link">
构建
</a></li><li class="dropdown-item"><!----> <a href="/java-tutorial/javatool/ide/" class="nav-link">
IDE
</a></li><li class="dropdown-item"><!----> <a href="/java-tutorial/javatool/monitor/" class="nav-link">
监控
</a></li></ul></div></div><div class="nav-item"><a href="/java-tutorial/javaee/" class="nav-link router-link-active">
JavaEE
</a></div><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="Java" class="dropdown-title"><span class="title">✨ Java系列</span> <span class="arrow down"></span></button> <button type="button" aria-label="Java" class="mobile-dropdown-title"><span class="title">✨ Java系列</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/java-tutorial/" target="_blank" rel="noopener noreferrer" class="nav-link external">
Java 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/javacore/" target="_blank" rel="noopener noreferrer" class="nav-link external">
JavaCore 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/javatech/" target="_blank" rel="noopener noreferrer" class="nav-link external">
JavaTech 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/spring-tutorial/" target="_blank" rel="noopener noreferrer" class="nav-link external">
Spring 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/spring-boot-tutorial/" target="_blank" rel="noopener noreferrer" class="nav-link external">
Spring Boot 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li></ul></div></div><div class="nav-item"><a href="https://github.com/dunwu/blog" target="_blank" rel="noopener noreferrer" class="nav-link external">
🎯 博客
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></div> <a href="https://github.com/dunwu/java-tutorial" target="_blank" rel="noopener noreferrer" class="repo-link">
Github
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></nav></div></header> <div class="sidebar-mask"></div> <aside class="sidebar"><nav class="nav-links"><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="工具" class="dropdown-title"><span class="title">工具</span> <span class="arrow down"></span></button> <button type="button" aria-label="工具" class="mobile-dropdown-title"><span class="title">工具</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="/java-tutorial/javatool/build/" class="nav-link">
构建
</a></li><li class="dropdown-item"><!----> <a href="/java-tutorial/javatool/ide/" class="nav-link">
IDE
</a></li><li class="dropdown-item"><!----> <a href="/java-tutorial/javatool/monitor/" class="nav-link">
监控
</a></li></ul></div></div><div class="nav-item"><a href="/java-tutorial/javaee/" class="nav-link router-link-active">
JavaEE
</a></div><div class="nav-item"><div class="dropdown-wrapper"><button type="button" aria-label="Java" class="dropdown-title"><span class="title">✨ Java系列</span> <span class="arrow down"></span></button> <button type="button" aria-label="Java" class="mobile-dropdown-title"><span class="title">✨ Java系列</span> <span class="arrow right"></span></button> <ul class="nav-dropdown" style="display:none;"><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/java-tutorial/" target="_blank" rel="noopener noreferrer" class="nav-link external">
Java 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/javacore/" target="_blank" rel="noopener noreferrer" class="nav-link external">
JavaCore 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/javatech/" target="_blank" rel="noopener noreferrer" class="nav-link external">
JavaTech 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/spring-tutorial/" target="_blank" rel="noopener noreferrer" class="nav-link external">
Spring 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li><li class="dropdown-item"><!----> <a href="https://dunwu.github.io/spring-boot-tutorial/" target="_blank" rel="noopener noreferrer" class="nav-link external">
Spring Boot 教程 📚
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li></ul></div></div><div class="nav-item"><a href="https://github.com/dunwu/blog" target="_blank" rel="noopener noreferrer" class="nav-link external">
🎯 博客
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></div> <a href="https://github.com/dunwu/java-tutorial" target="_blank" rel="noopener noreferrer" class="repo-link">
Github
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></nav> <ul class="sidebar-links"><li><section class="sidebar-group depth-0"><p class="sidebar-heading open"><span>JavaEE 之 Cookie 和 Session</span> <!----></p> <ul class="sidebar-links sidebar-group-items"><li><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-cookie" class="sidebar-link">1. Cookie</a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-1-cookie-是什么" class="sidebar-link">1.1. Cookie 是什么</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-2-cookie-剖析" class="sidebar-link">1.2. Cookie 剖析</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-3-cookie-类中的方法" class="sidebar-link">1.3. Cookie 类中的方法</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-4-cookie-的有效期" class="sidebar-link">1.4. Cookie 的有效期</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-5-cookie-的域名" class="sidebar-link">1.5. Cookie 的域名</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-6-cookie-的路径" class="sidebar-link">1.6. Cookie 的路径</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-7-cookie-的安全属性" class="sidebar-link">1.7. Cookie 的安全属性</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_1-8-cookie-实例" class="sidebar-link">1.8. Cookie 实例</a></li></ul></li><li><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_2-session" class="sidebar-link">2. Session</a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_2-1-session-是什么" class="sidebar-link">2.1. Session 是什么</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_2-2-session-类中的方法" class="sidebar-link">2.2. Session 类中的方法</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_2-3-session-的有效期" class="sidebar-link">2.3. Session 的有效期</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_2-4-session-对浏览器的要求" class="sidebar-link">2.4. Session 对浏览器的要求</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_2-5-url-地址重写" class="sidebar-link">2.5. URL 地址重写</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_2-6-session-中禁用-cookie" class="sidebar-link">2.6. Session 中禁用 Cookie</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_2-7-session-实例" class="sidebar-link">2.7. Session 实例</a></li></ul></li><li><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_3-cookie-vs-session" class="sidebar-link">3. Cookie vs Session</a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_3-1-存取方式" class="sidebar-link">3.1. 存取方式</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_3-2-隐私安全" class="sidebar-link">3.2. 隐私安全</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_3-3-有效期" class="sidebar-link">3.3. 有效期</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_3-4-服务器的开销" class="sidebar-link">3.4. 服务器的开销</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_3-5-浏览器的支持" class="sidebar-link">3.5. 浏览器的支持</a></li><li class="sidebar-sub-header"><a href="/java-tutorial/javaee/javaee-cookie-sesion.html#_3-6-跨域名" class="sidebar-link">3.6. 跨域名</a></li></ul></li></ul></section></li></ul> </aside> <main class="page"> <div class="theme-default-content content__default"><h1 id="javaee-之-cookie-和-session"><a href="#javaee-之-cookie-和-session" class="header-anchor">#</a> JavaEE 之 Cookie 和 Session</h1> <h2 id="_1-cookie"><a href="#_1-cookie" class="header-anchor">#</a> 1. Cookie</h2> <p>由于 Http 是一种无状态的协议,服务器单从网络连接上无从知道客户身份。</p> <p>会话跟踪是 Web 程序中常用的技术,用来跟踪用户的整个会话。常用会话跟踪技术是 Cookie 与 Session。</p> <h3 id="_1-1-cookie-是什么"><a href="#_1-1-cookie-是什么" class="header-anchor">#</a> 1.1. Cookie 是什么</h3> <p>Cookie 实际上是存储在客户端上的文本信息,并保留了各种跟踪的信息。</p> <p><strong>Cookie 工作步骤:</strong></p> <ol><li>客户端请求服务器,如果服务器需要记录该用户的状态,就是用 response 向客户端浏览器颁发一个 Cookie。</li> <li>客户端浏览器会把 Cookie 保存下来。</li> <li>当浏览器再请求该网站时,浏览器把该请求的网址连同 Cookie 一同提交给服务器。服务器检查该 Cookie,以此来辨认用户状态。</li></ol> <p><em><strong>注:Cookie 功能需要浏览器的支持,如果浏览器不支持 Cookie 或者 Cookie 禁用了,Cookie 功能就会失效。</strong></em></p> <p>Java 中把 Cookie 封装成了<code>javax.servlet.http.Cookie</code>类。</p> <h3 id="_1-2-cookie-剖析"><a href="#_1-2-cookie-剖析" class="header-anchor">#</a> 1.2. Cookie 剖析</h3> <p>Cookies 通常设置在 HTTP 头信息中(虽然 JavaScript 也可以直接在浏览器上设置一个 Cookie)。</p> <p>设置 Cookie 的 Servlet 会发送如下的头信息:</p> <div class="language-http extra-class"><pre class="language-http"><code><span class="token response-status"><span class="token http-version property">HTTP/1.1</span> <span class="token status-code number">200</span> <span class="token reason-phrase string">OK</span></span>
<span class="token header-name keyword">Date:</span> Fri, 04 Feb 2000 21:03:38 GMT
<span class="token header-name keyword">Server:</span> Apache/1.3.9 (UNIX) PHP/4.0b3
<span class="token header-name keyword">Set-Cookie:</span> name=xyz; expires=Friday, 04-Feb-07 22:03:38 GMT;
path=/; domain=w3cschool.cc
<span class="token header-name keyword">Connection:</span> close
<span class="token header-name keyword">Content-Type:</span> text/html
</code></pre></div><p>正如您所看到的,<code>Set-Cookie</code> 头包含了一个名称值对、一个 GMT 日期、一个路径和一个域。名称和值会被 URL 编码。expires 字段是一个指令,告诉浏览器在给定的时间和日期之后"忘记"该 Cookie。</p> <p>如果浏览器被配置为存储 Cookies,它将会保留此信息直到到期日期。如果用户的浏览器指向任何匹配该 Cookie 的路径和域的页面,它会重新发送 Cookie 到服务器。浏览器的头信息可能如下所示:</p> <div class="language-http extra-class"><pre class="language-http"><code><span class="token request-line"><span class="token method property">GET</span> <span class="token request-target url">/</span> <span class="token http-version property">HTTP/1.0</span></span>
<span class="token header-name keyword">Connection:</span> Keep-Alive
<span class="token header-name keyword">User-Agent:</span> Mozilla/4.6 (X11; I; Linux 2.2.6-15apmac ppc)
<span class="token header-name keyword">Host:</span> zink.demon.co.uk:1126
<span class="token header-name keyword">Accept:</span> image/gif, */*
<span class="token header-name keyword">Accept-Encoding:</span> gzip
<span class="token header-name keyword">Accept-Language:</span> en
<span class="token header-name keyword">Accept-Charset:</span> iso-8859-1,*,utf-8
<span class="token header-name keyword">Cookie:</span> name=xyz
</code></pre></div><h3 id="_1-3-cookie-类中的方法"><a href="#_1-3-cookie-类中的方法" class="header-anchor">#</a> 1.3. Cookie 类中的方法</h3> <table><thead><tr><th>方法</th> <th>功能</th></tr></thead> <tbody><tr><td>public void setDomain(String pattern)</td> <td>该方法设置 cookie 适用的域。</td></tr> <tr><td>public String getDomain()</td> <td>该方法获取 cookie 适用的域。</td></tr> <tr><td>public void setMaxAge(int expiry)</td> <td>该方法设置 cookie 过期的时间(以秒为单位)。如果不这样设置,cookie 只会在当前 session 会话中持续有效。</td></tr> <tr><td>public int getMaxAge()</td> <td>该方法返回 cookie 的最大生存周期(以秒为单位),默认情况下,-1 表示 cookie 将持续下去,直到浏览器关闭。</td></tr> <tr><td>public String getName()</td> <td>该方法返回 cookie 的名称。名称在创建后不能改变。</td></tr> <tr><td>public void setValue(String newValue)</td> <td>该方法设置与 cookie 关联的值。</td></tr> <tr><td>public String getValue()</td> <td>该方法获取与 cookie 关联的值。</td></tr> <tr><td>public void setPath(String uri)</td> <td>该方法设置 cookie 适用的路径。如果您不指定路径,与当前页面相同目录下的(包括子目录下的)所有 URL 都会返回 cookie。</td></tr> <tr><td>public String getPath()</td> <td>该方法获取 cookie 适用的路径。</td></tr> <tr><td>public void setSecure(boolean flag)</td> <td>该方法设置布尔值,向浏览器指示,只会在 HTTPS 和 SSL 等安全协议中传输此类 Cookie。</td></tr> <tr><td>public void setComment(String purpose)</td> <td>该方法规定了描述 cookie 目的的注释。该注释在浏览器向用户呈现 cookie 时非常有用。</td></tr> <tr><td>public String getComment()</td> <td>该方法返回了描述 cookie 目的的注释,如果 cookie 没有注释则返回 null。</td></tr></tbody></table> <h3 id="_1-4-cookie-的有效期"><a href="#_1-4-cookie-的有效期" class="header-anchor">#</a> 1.4. Cookie 的有效期</h3> <p><code>Cookie</code>的<code>maxAge</code>决定着 Cookie 的有效期,单位为秒。</p> <p>如果 maxAge 为 0,则表示删除该 Cookie;</p> <p>如果为负数,表示该 Cookie 仅在本浏览器中以及本窗口打开的子窗口内有效,关闭窗口后该 Cookie 即失效。</p> <p>Cookie 中提供<code>getMaxAge()</code><strong>和</strong><code>setMaxAge(int expiry)</code>方法来读写<code>maxAge</code>属性。</p> <h3 id="_1-5-cookie-的域名"><a href="#_1-5-cookie-的域名" class="header-anchor">#</a> 1.5. Cookie 的域名</h3> <p>Cookie 是不可以跨域名的。域名 www.google.com 颁发的 Cookie 不会被提交到域名 www.baidu.com 去。这是由 Cookie 的隐私安全机制决定的。隐私安全机制能够禁止网站非法获取其他网站的 Cookie。</p> <p>正常情况下,同一个一级域名的两个二级域名之间也不能互相使用 Cookie。如果想让某域名下的子域名也可以使用该 Cookie,需要设置 Cookie 的 domain 参数。</p> <p>Java 中使用<code>setDomain(Stringdomain)</code>和<code>getDomain()</code>方法来设置、获取 domain。</p> <h3 id="_1-6-cookie-的路径"><a href="#_1-6-cookie-的路径" class="header-anchor">#</a> 1.6. Cookie 的路径</h3> <p>Path 属性决定允许访问 Cookie 的路径。</p> <p>Java 中使用<code>setPath(Stringuri)</code>和<code>getPath()</code>方法来设置、获取 path。</p> <h3 id="_1-7-cookie-的安全属性"><a href="#_1-7-cookie-的安全属性" class="header-anchor">#</a> 1.7. Cookie 的安全属性</h3> <p>HTTP 协议不仅是无状态的,而且是不安全的。</p> <p>使用 HTTP 协议的数据不经过任何加密就直接在网络上传播,有被截获的可能。如果不希望 Cookie 在 HTTP 等非安全协议中传输,可以设置 Cookie 的 secure 属性为 true。浏览器只会在 HTTPS 和 SSL 等安全协议中传输此类 Cookie。</p> <p>Java 中使用<code>setSecure(booleanflag)</code>和<code>getSecure ()</code>方法来设置、获取 Secure。</p> <h3 id="_1-8-cookie-实例"><a href="#_1-8-cookie-实例" class="header-anchor">#</a> 1.8. Cookie 实例</h3> <h4 id="_1-8-1-添加-cookie"><a href="#_1-8-1-添加-cookie" class="header-anchor">#</a> 1.8.1. 添加 Cookie</h4> <p>通过 Servlet 添加 Cookies 包括三个步骤:</p> <ol><li><p>创建一个 Cookie 对象:您可以调用带有 cookie 名称和 cookie 值的 Cookie 构造函数,cookie 名称和 cookie 值都是字符串。</p></li> <li><p>设置最大生存周期:您可以使用 <code>setMaxAge</code> 方法来指定 cookie 能够保持有效的时间(以秒为单位)。</p></li> <li><p>发送 Cookie 到 HTTP 响应头:您可以使用 <code>response.addCookie</code> 来添加 HTTP 响应头中的 Cookies。</p></li></ol> <p>AddCookies.java</p> <div class="language-java extra-class"><pre class="language-java"><code><span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>io<span class="token punctuation">.</span></span><span class="token class-name">IOException</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>io<span class="token punctuation">.</span></span><span class="token class-name">PrintWriter</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>net<span class="token punctuation">.</span></span><span class="token class-name">URLEncoder</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span></span><span class="token class-name">ServletException</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>annotation<span class="token punctuation">.</span></span><span class="token class-name">WebServlet</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">Cookie</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServlet</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServletRequest</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServletResponse</span><span class="token punctuation">;</span>
<span class="token annotation punctuation">@WebServlet</span><span class="token punctuation">(</span><span class="token string">"/servlet/AddCookies"</span><span class="token punctuation">)</span>
<span class="token keyword">public</span> <span class="token keyword">class</span> <span class="token class-name">AddCookies</span> <span class="token keyword">extends</span> <span class="token class-name">HttpServlet</span> <span class="token punctuation">{</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">final</span> <span class="token keyword">long</span> serialVersionUID <span class="token operator">=</span> <span class="token number">1L</span><span class="token punctuation">;</span>
<span class="token comment">/**
* @see HttpServlet#HttpServlet()
*/</span>
<span class="token keyword">public</span> <span class="token class-name">AddCookies</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">super</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token comment">/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/</span>
<span class="token keyword">public</span> <span class="token keyword">void</span> <span class="token function">doGet</span><span class="token punctuation">(</span><span class="token class-name">HttpServletRequest</span> request<span class="token punctuation">,</span> <span class="token class-name">HttpServletResponse</span> response<span class="token punctuation">)</span>
<span class="token keyword">throws</span> <span class="token class-name">ServletException</span><span class="token punctuation">,</span> <span class="token class-name">IOException</span> <span class="token punctuation">{</span>
<span class="token comment">// 为名字和姓氏创建 Cookie</span>
<span class="token class-name">Cookie</span> name <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">Cookie</span><span class="token punctuation">(</span><span class="token string">"name"</span><span class="token punctuation">,</span> <span class="token class-name">URLEncoder</span><span class="token punctuation">.</span><span class="token function">encode</span><span class="token punctuation">(</span>request<span class="token punctuation">.</span><span class="token function">getParameter</span><span class="token punctuation">(</span><span class="token string">"name"</span><span class="token punctuation">)</span><span class="token punctuation">,</span> <span class="token string">"UTF-8"</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// 中文转码</span>
<span class="token class-name">Cookie</span> url <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">Cookie</span><span class="token punctuation">(</span><span class="token string">"url"</span><span class="token punctuation">,</span> request<span class="token punctuation">.</span><span class="token function">getParameter</span><span class="token punctuation">(</span><span class="token string">"url"</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 为两个 Cookie 设置过期日期为 24 小时后</span>
name<span class="token punctuation">.</span><span class="token function">setMaxAge</span><span class="token punctuation">(</span><span class="token number">60</span> <span class="token operator">*</span> <span class="token number">60</span> <span class="token operator">*</span> <span class="token number">24</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
url<span class="token punctuation">.</span><span class="token function">setMaxAge</span><span class="token punctuation">(</span><span class="token number">60</span> <span class="token operator">*</span> <span class="token number">60</span> <span class="token operator">*</span> <span class="token number">24</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 在响应头中添加两个 Cookie</span>
response<span class="token punctuation">.</span><span class="token function">addCookie</span><span class="token punctuation">(</span>name<span class="token punctuation">)</span><span class="token punctuation">;</span>
response<span class="token punctuation">.</span><span class="token function">addCookie</span><span class="token punctuation">(</span>url<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 设置响应内容类型</span>
response<span class="token punctuation">.</span><span class="token function">setContentType</span><span class="token punctuation">(</span><span class="token string">"text/html;charset=UTF-8"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">PrintWriter</span> out <span class="token operator">=</span> response<span class="token punctuation">.</span><span class="token function">getWriter</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> title <span class="token operator">=</span> <span class="token string">"设置 Cookie 实例"</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> docType <span class="token operator">=</span> <span class="token string">"<!DOCTYPE html>\n"</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span>docType <span class="token operator">+</span> <span class="token string">"<html>\n"</span> <span class="token operator">+</span> <span class="token string">"<head><title>"</span> <span class="token operator">+</span> title <span class="token operator">+</span> <span class="token string">"</title></head>\n"</span>
<span class="token operator">+</span> <span class="token string">"<body bgcolor=\"#f0f0f0\">\n"</span> <span class="token operator">+</span> <span class="token string">"<h1 align=\"center\">"</span> <span class="token operator">+</span> title
<span class="token operator">+</span> <span class="token string">"</h1>\n"</span> <span class="token operator">+</span> <span class="token string">"<ul>\n"</span> <span class="token operator">+</span> <span class="token string">" <li><b>站点名:</b>:"</span> <span class="token operator">+</span> request<span class="token punctuation">.</span><span class="token function">getParameter</span><span class="token punctuation">(</span><span class="token string">"name"</span><span class="token punctuation">)</span>
<span class="token operator">+</span> <span class="token string">"\n</li>"</span> <span class="token operator">+</span> <span class="token string">" <li><b>站点 URL:</b>:"</span> <span class="token operator">+</span> request<span class="token punctuation">.</span><span class="token function">getParameter</span><span class="token punctuation">(</span><span class="token string">"url"</span><span class="token punctuation">)</span>
<span class="token operator">+</span> <span class="token string">"\n</li>"</span> <span class="token operator">+</span> <span class="token string">"</ul>\n"</span> <span class="token operator">+</span> <span class="token string">"</body></html>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token comment">/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/</span>
<span class="token keyword">protected</span> <span class="token keyword">void</span> <span class="token function">doPost</span><span class="token punctuation">(</span><span class="token class-name">HttpServletRequest</span> request<span class="token punctuation">,</span> <span class="token class-name">HttpServletResponse</span> response<span class="token punctuation">)</span>
<span class="token keyword">throws</span> <span class="token class-name">ServletException</span><span class="token punctuation">,</span> <span class="token class-name">IOException</span> <span class="token punctuation">{</span>
<span class="token function">doGet</span><span class="token punctuation">(</span>request<span class="token punctuation">,</span> response<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
</code></pre></div><p>addCookies.jsp</p> <div class="language-java extra-class"><pre class="language-java"><code><span class="token operator"><</span><span class="token operator">%</span>@ page language<span class="token operator">=</span><span class="token string">"java"</span> pageEncoding<span class="token operator">=</span><span class="token string">"UTF-8"</span> <span class="token operator">%</span><span class="token operator">></span>
<span class="token operator"><</span><span class="token operator">!</span>DOCTYPE HTML PUBLIC <span class="token string">"-//W3C//DTD HTML 4.01 Transitional//EN"</span><span class="token operator">></span>
<span class="token generics"><span class="token punctuation"><</span>html<span class="token punctuation">></span></span>
<span class="token generics"><span class="token punctuation"><</span>head<span class="token punctuation">></span></span>
<span class="token operator"><</span>meta charset<span class="token operator">=</span><span class="token string">"utf-8"</span><span class="token operator">></span>
<span class="token generics"><span class="token punctuation"><</span>title<span class="token punctuation">></span></span>添加<span class="token class-name">Cookie</span><span class="token operator"><</span><span class="token operator">/</span>title<span class="token operator">></span>
<span class="token operator"><</span><span class="token operator">/</span>head<span class="token operator">></span>
<span class="token generics"><span class="token punctuation"><</span>body<span class="token punctuation">></span></span>
<span class="token operator"><</span>form action<span class="token operator">=</span><span class="token operator">/</span>servlet<span class="token operator">/</span><span class="token class-name">AddCookies</span> method<span class="token operator">=</span><span class="token string">"GET"</span><span class="token operator">></span>
站点名 :<span class="token operator"><</span>input type<span class="token operator">=</span><span class="token string">"text"</span> name<span class="token operator">=</span><span class="token string">"name"</span><span class="token operator">></span>
<span class="token operator"><</span>br<span class="token operator">/</span><span class="token operator">></span>
站点 URL:<span class="token operator"><</span>input type<span class="token operator">=</span><span class="token string">"text"</span> name<span class="token operator">=</span><span class="token string">"url"</span><span class="token operator">/</span><span class="token operator">></span><span class="token generics"><span class="token punctuation"><</span>br<span class="token punctuation">></span></span>
<span class="token operator"><</span>input type<span class="token operator">=</span><span class="token string">"submit"</span> value<span class="token operator">=</span><span class="token string">"提交"</span><span class="token operator">/</span><span class="token operator">></span>
<span class="token operator"><</span><span class="token operator">/</span>form<span class="token operator">></span>
<span class="token operator"><</span><span class="token operator">/</span>body<span class="token operator">></span>
<span class="token operator"><</span><span class="token operator">/</span>html<span class="token operator">></span>
</code></pre></div><h4 id="_1-8-2-显示-cookie"><a href="#_1-8-2-显示-cookie" class="header-anchor">#</a> 1.8.2. 显示 Cookie</h4> <p>要读取 Cookies,您需要通过调用 <code>HttpServletRequest</code> 的 <code>getCookies()</code> 方法创建一个 <code>javax.servlet.http.Cookie</code> 对象的数组。然后循环遍历数组,并使用 <code>getName()</code> 和 <code>getValue()</code> 方法来访问每个 cookie 和关联的值。</p> <p>ReadCookies.java</p> <div class="language-java extra-class"><pre class="language-java"><code><span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>io<span class="token punctuation">.</span></span><span class="token class-name">IOException</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>io<span class="token punctuation">.</span></span><span class="token class-name">PrintWriter</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>net<span class="token punctuation">.</span></span><span class="token class-name">URLDecoder</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span></span><span class="token class-name">ServletException</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>annotation<span class="token punctuation">.</span></span><span class="token class-name">WebServlet</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">Cookie</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServlet</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServletRequest</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServletResponse</span><span class="token punctuation">;</span>
<span class="token annotation punctuation">@WebServlet</span><span class="token punctuation">(</span><span class="token string">"/servlet/ReadCookies"</span><span class="token punctuation">)</span>
<span class="token keyword">public</span> <span class="token keyword">class</span> <span class="token class-name">ReadCookies</span> <span class="token keyword">extends</span> <span class="token class-name">HttpServlet</span> <span class="token punctuation">{</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">final</span> <span class="token keyword">long</span> serialVersionUID <span class="token operator">=</span> <span class="token number">1L</span><span class="token punctuation">;</span>
<span class="token comment">/**
* @see HttpServlet#HttpServlet()
*/</span>
<span class="token keyword">public</span> <span class="token class-name">ReadCookies</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">super</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token comment">/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/</span>
<span class="token keyword">public</span> <span class="token keyword">void</span> <span class="token function">doGet</span><span class="token punctuation">(</span><span class="token class-name">HttpServletRequest</span> request<span class="token punctuation">,</span> <span class="token class-name">HttpServletResponse</span> response<span class="token punctuation">)</span>
<span class="token keyword">throws</span> <span class="token class-name">ServletException</span><span class="token punctuation">,</span> <span class="token class-name">IOException</span> <span class="token punctuation">{</span>
<span class="token class-name">Cookie</span> cookie <span class="token operator">=</span> <span class="token keyword">null</span><span class="token punctuation">;</span>
<span class="token class-name">Cookie</span><span class="token punctuation">[</span><span class="token punctuation">]</span> cookies <span class="token operator">=</span> <span class="token keyword">null</span><span class="token punctuation">;</span>
<span class="token comment">// 获取与该域相关的 Cookie 的数组</span>
cookies <span class="token operator">=</span> request<span class="token punctuation">.</span><span class="token function">getCookies</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 设置响应内容类型</span>
response<span class="token punctuation">.</span><span class="token function">setContentType</span><span class="token punctuation">(</span><span class="token string">"text/html;charset=UTF-8"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">PrintWriter</span> out <span class="token operator">=</span> response<span class="token punctuation">.</span><span class="token function">getWriter</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> title <span class="token operator">=</span> <span class="token string">"Delete Cookie Example"</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> docType <span class="token operator">=</span> <span class="token string">"<!DOCTYPE html>\n"</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span>docType <span class="token operator">+</span> <span class="token string">"<html>\n"</span> <span class="token operator">+</span> <span class="token string">"<head><title>"</span> <span class="token operator">+</span> title <span class="token operator">+</span> <span class="token string">"</title></head>\n"</span>
<span class="token operator">+</span> <span class="token string">"<body bgcolor=\"#f0f0f0\">\n"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span>cookies <span class="token operator">!=</span> <span class="token keyword">null</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"<h2>Cookie 名称和值</h2>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">for</span> <span class="token punctuation">(</span><span class="token keyword">int</span> i <span class="token operator">=</span> <span class="token number">0</span><span class="token punctuation">;</span> i <span class="token operator"><</span> cookies<span class="token punctuation">.</span>length<span class="token punctuation">;</span> i<span class="token operator">++</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
cookie <span class="token operator">=</span> cookies<span class="token punctuation">[</span>i<span class="token punctuation">]</span><span class="token punctuation">;</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token punctuation">(</span>cookie<span class="token punctuation">.</span><span class="token function">getName</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token function">compareTo</span><span class="token punctuation">(</span><span class="token string">"name"</span><span class="token punctuation">)</span> <span class="token operator">==</span> <span class="token number">0</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
cookie<span class="token punctuation">.</span><span class="token function">setMaxAge</span><span class="token punctuation">(</span><span class="token number">0</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
response<span class="token punctuation">.</span><span class="token function">addCookie</span><span class="token punctuation">(</span>cookie<span class="token punctuation">)</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">print</span><span class="token punctuation">(</span><span class="token string">"已删除的 cookie:"</span> <span class="token operator">+</span> cookie<span class="token punctuation">.</span><span class="token function">getName</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">"<br/>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
out<span class="token punctuation">.</span><span class="token function">print</span><span class="token punctuation">(</span><span class="token string">"名称:"</span> <span class="token operator">+</span> cookie<span class="token punctuation">.</span><span class="token function">getName</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">","</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">print</span><span class="token punctuation">(</span><span class="token string">"值:"</span> <span class="token operator">+</span> <span class="token class-name">URLDecoder</span><span class="token punctuation">.</span><span class="token function">decode</span><span class="token punctuation">(</span>cookie<span class="token punctuation">.</span><span class="token function">getValue</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">,</span> <span class="token string">"utf-8"</span><span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">" <br/>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token punctuation">{</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"<h2 class=\"tutheader\">No Cookie founds</h2>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"</body>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"</html>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token comment">/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/</span>
<span class="token keyword">protected</span> <span class="token keyword">void</span> <span class="token function">doPost</span><span class="token punctuation">(</span><span class="token class-name">HttpServletRequest</span> request<span class="token punctuation">,</span> <span class="token class-name">HttpServletResponse</span> response<span class="token punctuation">)</span>
<span class="token keyword">throws</span> <span class="token class-name">ServletException</span><span class="token punctuation">,</span> <span class="token class-name">IOException</span> <span class="token punctuation">{</span>
<span class="token function">doGet</span><span class="token punctuation">(</span>request<span class="token punctuation">,</span> response<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
</code></pre></div><h4 id="_1-8-3-删除-cookie"><a href="#_1-8-3-删除-cookie" class="header-anchor">#</a> 1.8.3. 删除 Cookie</h4> <p>Java 中并没有提供直接删除 Cookie 的方法,如果想要删除一个 Cookie,直接将这个 Cookie 的有效期设为 0 就可以了。步骤如下:</p> <ol><li><p>读取一个现有的 cookie,并把它存储在 Cookie 对象中。</p></li> <li><p>使用 <code>setMaxAge()</code> 方法设置 cookie 的年龄为零,来删除现有的 cookie。</p></li> <li><p>把这个 cookie 添加到响应头。</p></li></ol> <p>DeleteCookies.java</p> <div class="language-java extra-class"><pre class="language-java"><code><span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>io<span class="token punctuation">.</span></span><span class="token class-name">IOException</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>io<span class="token punctuation">.</span></span><span class="token class-name">PrintWriter</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span></span><span class="token class-name">ServletException</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>annotation<span class="token punctuation">.</span></span><span class="token class-name">WebServlet</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">Cookie</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServlet</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServletRequest</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServletResponse</span><span class="token punctuation">;</span>
<span class="token annotation punctuation">@WebServlet</span><span class="token punctuation">(</span><span class="token string">"/servlet/DeleteCookies"</span><span class="token punctuation">)</span>
<span class="token keyword">public</span> <span class="token keyword">class</span> <span class="token class-name">DeleteCookies</span> <span class="token keyword">extends</span> <span class="token class-name">HttpServlet</span> <span class="token punctuation">{</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">final</span> <span class="token keyword">long</span> serialVersionUID <span class="token operator">=</span> <span class="token number">1L</span><span class="token punctuation">;</span>
<span class="token comment">/**
* @see HttpServlet#HttpServlet()
*/</span>
<span class="token keyword">public</span> <span class="token class-name">DeleteCookies</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">super</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token comment">/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/</span>
<span class="token keyword">public</span> <span class="token keyword">void</span> <span class="token function">doGet</span><span class="token punctuation">(</span><span class="token class-name">HttpServletRequest</span> request<span class="token punctuation">,</span> <span class="token class-name">HttpServletResponse</span> response<span class="token punctuation">)</span>
<span class="token keyword">throws</span> <span class="token class-name">ServletException</span><span class="token punctuation">,</span> <span class="token class-name">IOException</span> <span class="token punctuation">{</span>
<span class="token class-name">Cookie</span> cookie <span class="token operator">=</span> <span class="token keyword">null</span><span class="token punctuation">;</span>
<span class="token class-name">Cookie</span><span class="token punctuation">[</span><span class="token punctuation">]</span> cookies <span class="token operator">=</span> <span class="token keyword">null</span><span class="token punctuation">;</span>
<span class="token comment">// 获取与该域相关的 Cookie 的数组</span>
cookies <span class="token operator">=</span> request<span class="token punctuation">.</span><span class="token function">getCookies</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 设置响应内容类型</span>
response<span class="token punctuation">.</span><span class="token function">setContentType</span><span class="token punctuation">(</span><span class="token string">"text/html;charset=UTF-8"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">PrintWriter</span> out <span class="token operator">=</span> response<span class="token punctuation">.</span><span class="token function">getWriter</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> title <span class="token operator">=</span> <span class="token string">"删除 Cookie 实例"</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> docType <span class="token operator">=</span> <span class="token string">"<!DOCTYPE html>\n"</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span>docType <span class="token operator">+</span> <span class="token string">"<html>\n"</span> <span class="token operator">+</span> <span class="token string">"<head><title>"</span> <span class="token operator">+</span> title <span class="token operator">+</span> <span class="token string">"</title></head>\n"</span>
<span class="token operator">+</span> <span class="token string">"<body bgcolor=\"#f0f0f0\">\n"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span>cookies <span class="token operator">!=</span> <span class="token keyword">null</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"<h2>Cookie 名称和值</h2>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">for</span> <span class="token punctuation">(</span><span class="token keyword">int</span> i <span class="token operator">=</span> <span class="token number">0</span><span class="token punctuation">;</span> i <span class="token operator"><</span> cookies<span class="token punctuation">.</span>length<span class="token punctuation">;</span> i<span class="token operator">++</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
cookie <span class="token operator">=</span> cookies<span class="token punctuation">[</span>i<span class="token punctuation">]</span><span class="token punctuation">;</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token punctuation">(</span>cookie<span class="token punctuation">.</span><span class="token function">getName</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token function">compareTo</span><span class="token punctuation">(</span><span class="token string">"url"</span><span class="token punctuation">)</span> <span class="token operator">==</span> <span class="token number">0</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
cookie<span class="token punctuation">.</span><span class="token function">setMaxAge</span><span class="token punctuation">(</span><span class="token number">0</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
response<span class="token punctuation">.</span><span class="token function">addCookie</span><span class="token punctuation">(</span>cookie<span class="token punctuation">)</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">print</span><span class="token punctuation">(</span><span class="token string">"已删除的 cookie:"</span> <span class="token operator">+</span> cookie<span class="token punctuation">.</span><span class="token function">getName</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">"<br/>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
out<span class="token punctuation">.</span><span class="token function">print</span><span class="token punctuation">(</span><span class="token string">"名称:"</span> <span class="token operator">+</span> cookie<span class="token punctuation">.</span><span class="token function">getName</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">","</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">print</span><span class="token punctuation">(</span><span class="token string">"值:"</span> <span class="token operator">+</span> cookie<span class="token punctuation">.</span><span class="token function">getValue</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">" <br/>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token punctuation">{</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"<h2 class=\"tutheader\">No Cookie founds</h2>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"</body>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"</html>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token comment">/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/</span>
<span class="token keyword">protected</span> <span class="token keyword">void</span> <span class="token function">doPost</span><span class="token punctuation">(</span><span class="token class-name">HttpServletRequest</span> request<span class="token punctuation">,</span> <span class="token class-name">HttpServletResponse</span> response<span class="token punctuation">)</span>
<span class="token keyword">throws</span> <span class="token class-name">ServletException</span><span class="token punctuation">,</span> <span class="token class-name">IOException</span> <span class="token punctuation">{</span>
<span class="token function">doGet</span><span class="token punctuation">(</span>request<span class="token punctuation">,</span> response<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
</code></pre></div><h2 id="_2-session"><a href="#_2-session" class="header-anchor">#</a> 2. Session</h2> <h3 id="_2-1-session-是什么"><a href="#_2-1-session-是什么" class="header-anchor">#</a> 2.1. Session 是什么</h3> <p>不同于 Cookie 保存在客户端浏览器中,Session 保存在服务器上。</p> <p>如果说 Cookie 机制是通过检查客户身上的“通行证”来确定客户身份的话,那么 Session 机制就是通过检查服务器上的“客户明细表”来确认客户身份。</p> <p>Session 对应的类为 <code>javax.servlet.http.HttpSession</code> 类。Session 对象是在客户第一次请求服务器时创建的。</p> <h3 id="_2-2-session-类中的方法"><a href="#_2-2-session-类中的方法" class="header-anchor">#</a> 2.2. Session 类中的方法</h3> <p><code>javax.servlet.http.HttpSession</code> 类中的方法:</p> <table><thead><tr><th><strong>方法</strong></th> <th><strong>功能</strong></th></tr></thead> <tbody><tr><td>public Object getAttribute(String name)</td> <td>该方法返回在该 session 会话中具有指定名称的对象,如果没有指定名称的对象,则返回 null。</td></tr> <tr><td>public Enumeration getAttributeNames()</td> <td>该方法返回 String 对象的枚举,String 对象包含所有绑定到该 session 会话的对象的名称。</td></tr> <tr><td>public long getCreationTime()</td> <td>该方法返回该 session 会话被创建的时间,自格林尼治标准时间 1970 年 1 月 1 日午夜算起,以毫秒为单位。</td></tr> <tr><td>public String getId()</td> <td>该方法返回一个包含分配给该 session 会话的唯一标识符的字符串。</td></tr> <tr><td>public long getLastAccessedTime()</td> <td>该方法返回客户端最后一次发送与该 session 会话相关的请求的时间自格林尼治标准时间 1970 年 1 月 1 日午夜算起,以毫秒为单位。</td></tr> <tr><td>public int getMaxInactiveInterval()</td> <td>该方法返回 Servlet 容器在客户端访问时保持 session 会话打开的最大时间间隔,以秒为单位。</td></tr> <tr><td>public void invalidate()</td> <td>该方法指示该 session 会话无效,并解除绑定到它上面的任何对象。</td></tr> <tr><td>public boolean isNew()</td> <td>如果客户端还不知道该 session 会话,或者如果客户选择不参入该 session 会话,则该方法返回 true。</td></tr> <tr><td>public void removeAttribute(String name)</td> <td>该方法将从该 session 会话移除指定名称的对象。</td></tr> <tr><td>public void setAttribute(String name, Object value)</td> <td>该方法使用指定的名称绑定一个对象到该 session 会话。</td></tr> <tr><td>public void setMaxInactiveInterval(int interval)</td> <td>该方法在 Servlet 容器指示该 session 会话无效之前,指定客户端请求之间的时间,以秒为单位。</td></tr></tbody></table> <h3 id="_2-3-session-的有效期"><a href="#_2-3-session-的有效期" class="header-anchor">#</a> 2.3. Session 的有效期</h3> <p>由于会有越来越多的用户访问服务器,因此 Session 也会越来越多。为防止内存溢出,服务器会把长时间没有活跃的 Session 从内存中删除。</p> <p>Session 的超时时间为<code>maxInactiveInterval</code>属性,可以通过<code>getMaxInactiveInterval()</code>、<code>setMaxInactiveInterval(longinterval)</code>来读写这个属性。</p> <p>Tomcat 中 Session 的默认超时时间为 20 分钟。可以修改 web.xml 改变 Session 的默认超时时间。</p> <p>例:</p> <div class="language-xml extra-class"><pre class="language-xml"><code><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>session-config</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>session-timeout</span><span class="token punctuation">></span></span>60<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>session-timeout</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>session-config</span><span class="token punctuation">></span></span>
</code></pre></div><h3 id="_2-4-session-对浏览器的要求"><a href="#_2-4-session-对浏览器的要求" class="header-anchor">#</a> 2.4. Session 对浏览器的要求</h3> <p>HTTP 协议是无状态的,Session 不能依据 HTTP 连接来判断是否为同一客户。因此服务器向客户端浏览器发送一个名为 JESSIONID 的 Cookie,他的值为该 Session 的 id(也就是 HttpSession.getId()的返回值)。Session 依据该 Cookie 来识别是否为同一用户。</p> <p>该 Cookie 为服务器自动生成的,它的<code>maxAge</code>属性一般为-1,表示仅当前浏览器内有效,并且各浏览器窗口间不共享,关闭浏览器就会失效。</p> <h3 id="_2-5-url-地址重写"><a href="#_2-5-url-地址重写" class="header-anchor">#</a> 2.5. URL 地址重写</h3> <p>URL 地址重写的原理是将该用户 Session 的 id 信息重写到 URL 地址中。服务器能够解析重写后的 URL 获取 Session 的 id。这样即使客户端不支持 Cookie,也可以使用 Session 来记录用户状态。</p> <p><code>HttpServletResponse</code>类提供了<code>encodeURL(Stringurl)</code>实现 URL 地址重写。</p> <h3 id="_2-6-session-中禁用-cookie"><a href="#_2-6-session-中禁用-cookie" class="header-anchor">#</a> 2.6. Session 中禁用 Cookie</h3> <p>在<code>META-INF/context.xml</code>中编辑如下:</p> <div class="language-xml extra-class"><pre class="language-xml"><code><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>Context</span> <span class="token attr-name">path</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>/SessionNotes<span class="token punctuation">"</span></span> <span class="token attr-name">cookies</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>true<span class="token punctuation">"</span></span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>Context</span><span class="token punctuation">></span></span>
</code></pre></div><p>部署后,TOMCAT 便不会自动生成名 JESSIONID 的 Cookie,Session 也不会以 Cookie 为识别标志,而仅仅以重写后的 URL 地址为识别标志了。</p> <h3 id="_2-7-session-实例"><a href="#_2-7-session-实例" class="header-anchor">#</a> 2.7. Session 实例</h3> <h4 id="_2-7-1-session-跟踪"><a href="#_2-7-1-session-跟踪" class="header-anchor">#</a> 2.7.1. Session 跟踪</h4> <p>SessionTrackServlet.java</p> <div class="language-java extra-class"><pre class="language-java"><code><span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>io<span class="token punctuation">.</span></span><span class="token class-name">IOException</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>io<span class="token punctuation">.</span></span><span class="token class-name">PrintWriter</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>text<span class="token punctuation">.</span></span><span class="token class-name">SimpleDateFormat</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">java<span class="token punctuation">.</span>util<span class="token punctuation">.</span></span><span class="token class-name">Date</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span></span><span class="token class-name">ServletException</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>annotation<span class="token punctuation">.</span></span><span class="token class-name">WebServlet</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServlet</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServletRequest</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpServletResponse</span><span class="token punctuation">;</span>
<span class="token keyword">import</span> <span class="token namespace">javax<span class="token punctuation">.</span>servlet<span class="token punctuation">.</span>http<span class="token punctuation">.</span></span><span class="token class-name">HttpSession</span><span class="token punctuation">;</span>
<span class="token annotation punctuation">@WebServlet</span><span class="token punctuation">(</span><span class="token string">"/servlet/SessionTrackServlet"</span><span class="token punctuation">)</span>
<span class="token keyword">public</span> <span class="token keyword">class</span> <span class="token class-name">SessionTrackServlet</span> <span class="token keyword">extends</span> <span class="token class-name">HttpServlet</span> <span class="token punctuation">{</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">final</span> <span class="token keyword">long</span> serialVersionUID <span class="token operator">=</span> <span class="token number">1L</span><span class="token punctuation">;</span>
<span class="token keyword">public</span> <span class="token keyword">void</span> <span class="token function">doGet</span><span class="token punctuation">(</span><span class="token class-name">HttpServletRequest</span> request<span class="token punctuation">,</span> <span class="token class-name">HttpServletResponse</span> response<span class="token punctuation">)</span>
<span class="token keyword">throws</span> <span class="token class-name">ServletException</span><span class="token punctuation">,</span> <span class="token class-name">IOException</span> <span class="token punctuation">{</span>
<span class="token comment">// 如果不存在 session 会话,则创建一个 session 对象</span>
<span class="token class-name">HttpSession</span> session <span class="token operator">=</span> request<span class="token punctuation">.</span><span class="token function">getSession</span><span class="token punctuation">(</span><span class="token boolean">true</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 获取 session 创建时间</span>
<span class="token class-name">Date</span> createTime <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">Date</span><span class="token punctuation">(</span>session<span class="token punctuation">.</span><span class="token function">getCreationTime</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 获取该网页的最后一次访问时间</span>
<span class="token class-name">Date</span> lastAccessTime <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">Date</span><span class="token punctuation">(</span>session<span class="token punctuation">.</span><span class="token function">getLastAccessedTime</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 设置日期输出的格式</span>
<span class="token class-name">SimpleDateFormat</span> df <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">SimpleDateFormat</span><span class="token punctuation">(</span><span class="token string">"yyyy-MM-dd HH:mm:ss"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> title <span class="token operator">=</span> <span class="token string">"Servlet Session 实例"</span><span class="token punctuation">;</span>
<span class="token class-name">Integer</span> visitCount <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">Integer</span><span class="token punctuation">(</span><span class="token number">0</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> visitCountKey <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">String</span><span class="token punctuation">(</span><span class="token string">"visitCount"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> userIDKey <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">String</span><span class="token punctuation">(</span><span class="token string">"userID"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> userID <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">String</span><span class="token punctuation">(</span><span class="token string">"admin"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 检查网页上是否有新的访问者</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span>session<span class="token punctuation">.</span><span class="token function">isNew</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
session<span class="token punctuation">.</span><span class="token function">setAttribute</span><span class="token punctuation">(</span>userIDKey<span class="token punctuation">,</span> userID<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token punctuation">{</span>
visitCount <span class="token operator">=</span> <span class="token punctuation">(</span><span class="token class-name">Integer</span><span class="token punctuation">)</span> session<span class="token punctuation">.</span><span class="token function">getAttribute</span><span class="token punctuation">(</span>visitCountKey<span class="token punctuation">)</span><span class="token punctuation">;</span>
visitCount <span class="token operator">=</span> visitCount <span class="token operator">+</span> <span class="token number">1</span><span class="token punctuation">;</span>
userID <span class="token operator">=</span> <span class="token punctuation">(</span><span class="token class-name">String</span><span class="token punctuation">)</span> session<span class="token punctuation">.</span><span class="token function">getAttribute</span><span class="token punctuation">(</span>userIDKey<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
session<span class="token punctuation">.</span><span class="token function">setAttribute</span><span class="token punctuation">(</span>visitCountKey<span class="token punctuation">,</span> visitCount<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token comment">// 设置响应内容类型</span>
response<span class="token punctuation">.</span><span class="token function">setContentType</span><span class="token punctuation">(</span><span class="token string">"text/html;charset=UTF-8"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">PrintWriter</span> out <span class="token operator">=</span> response<span class="token punctuation">.</span><span class="token function">getWriter</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">String</span> docType <span class="token operator">=</span> <span class="token string">"<!DOCTYPE html>\n"</span><span class="token punctuation">;</span>
out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span>docType <span class="token operator">+</span> <span class="token string">"<html>\n"</span> <span class="token operator">+</span> <span class="token string">"<head><title>"</span> <span class="token operator">+</span> title <span class="token operator">+</span> <span class="token string">"</title></head>\n"</span>
<span class="token operator">+</span> <span class="token string">"<body bgcolor=\"#f0f0f0\">\n"</span> <span class="token operator">+</span> <span class="token string">"<h1 align=\"center\">"</span> <span class="token operator">+</span> title
<span class="token operator">+</span> <span class="token string">"</h1>\n"</span> <span class="token operator">+</span> <span class="token string">"<h2 align=\"center\">Session 信息</h2>\n"</span>
<span class="token operator">+</span> <span class="token string">"<table border=\"1\" align=\"center\">\n"</span> <span class="token operator">+</span> <span class="token string">"<tr bgcolor=\"#949494\">\n"</span>
<span class="token operator">+</span> <span class="token string">" <th>Session 信息</th><th>值</th></tr>\n"</span> <span class="token operator">+</span> <span class="token string">"<tr>\n"</span> <span class="token operator">+</span> <span class="token string">" <td>id</td>\n"</span>
<span class="token operator">+</span> <span class="token string">" <td>"</span> <span class="token operator">+</span> session<span class="token punctuation">.</span><span class="token function">getId</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">"</td></tr>\n"</span> <span class="token operator">+</span> <span class="token string">"<tr>\n"</span>
<span class="token operator">+</span> <span class="token string">" <td>创建时间</td>\n"</span> <span class="token operator">+</span> <span class="token string">" <td>"</span> <span class="token operator">+</span> df<span class="token punctuation">.</span><span class="token function">format</span><span class="token punctuation">(</span>createTime<span class="token punctuation">)</span> <span class="token operator">+</span> <span class="token string">" </td></tr>\n"</span>
<span class="token operator">+</span> <span class="token string">"<tr>\n"</span> <span class="token operator">+</span> <span class="token string">" <td>最后访问时间</td>\n"</span> <span class="token operator">+</span> <span class="token string">" <td>"</span> <span class="token operator">+</span> df<span class="token punctuation">.</span><span class="token function">format</span><span class="token punctuation">(</span>lastAccessTime<span class="token punctuation">)</span>
<span class="token operator">+</span> <span class="token string">" </td></tr>\n"</span> <span class="token operator">+</span> <span class="token string">"<tr>\n"</span> <span class="token operator">+</span> <span class="token string">" <td>用户 ID</td>\n"</span> <span class="token operator">+</span> <span class="token string">" <td>"</span> <span class="token operator">+</span> userID
<span class="token operator">+</span> <span class="token string">" </td></tr>\n"</span> <span class="token operator">+</span> <span class="token string">"<tr>\n"</span> <span class="token operator">+</span> <span class="token string">" <td>访问统计:</td>\n"</span> <span class="token operator">+</span> <span class="token string">" <td>"</span> <span class="token operator">+</span> visitCount
<span class="token operator">+</span> <span class="token string">"</td></tr>\n"</span> <span class="token operator">+</span> <span class="token string">"</table>\n"</span> <span class="token operator">+</span> <span class="token string">"</body></html>"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
</code></pre></div><p>web.xml</p> <div class="language-xml extra-class"><pre class="language-xml"><code><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>servlet</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>servlet-name</span><span class="token punctuation">></span></span>SessionTrackServlet<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>servlet-name</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>servlet-class</span><span class="token punctuation">></span></span>SessionTrackServlet<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>servlet-class</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>servlet</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>servlet-mapping</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>servlet-name</span><span class="token punctuation">></span></span>SessionTrackServlet<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>servlet-name</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>url-pattern</span><span class="token punctuation">></span></span>/servlet/SessionTrackServlet<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>url-pattern</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>servlet-mapping</span><span class="token punctuation">></span></span>
</code></pre></div><h4 id="_2-7-2-删除-session-会话数据"><a href="#_2-7-2-删除-session-会话数据" class="header-anchor">#</a> 2.7.2. 删除 Session 会话数据</h4> <p>当您完成了一个用户的 session 会话数据,您有以下几种选择:</p> <p>**移除一个特定的属性:**您可以调用 <code>removeAttribute(String name)</code> 方法来删除与特定的键相关联的值。</p> <p>**删除整个 session 会话:**您可以调用 <code>invalidate()</code> 方法来丢弃整个 session 会话。</p> <p>**设置 session 会话过期时间:**您可以调用 <code>setMaxInactiveInterval(int interval)</code> 方法来单独设置 session 会话超时。</p> <p>**注销用户:**如果使用的是支持 servlet 2.4 的服务器,您可以调用 <code>logout</code> 来注销 Web 服务器的客户端,并把属于所有用户的所有 session 会话设置为无效。</p> <p>**web.xml 配置:**如果您使用的是 Tomcat,除了上述方法,您还可以在 web.xml 文件中配置 session 会话超时,如下所示:</p> <div class="language-xml extra-class"><pre class="language-xml"><code><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>session-config</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>session-timeout</span><span class="token punctuation">></span></span>15<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>session-timeout</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>session-config</span><span class="token punctuation">></span></span>
</code></pre></div><p>上面实例中的超时时间是以分钟为单位,将覆盖 Tomcat 中默认的 30 分钟超时时间。</p> <p>在一个 Servlet 中的 <code>getMaxInactiveInterval()</code> 方法会返回 session 会话的超时时间,以秒为单位。所以,如果在 web.xml 中配置 session 会话超时时间为 15 分钟,那么<code>getMaxInactiveInterval()</code> 会返回 900。</p> <h2 id="_3-cookie-vs-session"><a href="#_3-cookie-vs-session" class="header-anchor">#</a> 3. Cookie vs Session</h2> <h3 id="_3-1-存取方式"><a href="#_3-1-存取方式" class="header-anchor">#</a> 3.1. 存取方式</h3> <p>Cookie 只能保存<code>ASCII</code>字符串,如果需要存取 Unicode 字符或二进制数据,需要进行<code>UTF-8</code>、<code>GBK</code>或<code>BASE64</code>等方式的编码。</p> <p>Session 可以存取任何类型的数据,甚至是任何 Java 类。可以将 Session 看成是一个 Java 容器类。</p> <h3 id="_3-2-隐私安全"><a href="#_3-2-隐私安全" class="header-anchor">#</a> 3.2. 隐私安全</h3> <p>Cookie 存于客户端浏览器,一些客户端的程序可能会窥探、复制或修改 Cookie 内容。</p> <p>Session 存于服务器,对客户端是透明的,不存在敏感信息泄露的危险。</p> <h3 id="_3-3-有效期"><a href="#_3-3-有效期" class="header-anchor">#</a> 3.3. 有效期</h3> <p>使用 Cookie 可以保证长时间登录有效,只要设置 Cookie 的<code>maxAge</code>属性为一个很大的数字。</p> <p>而 Session 虽然理论上也可以通过设置很大的数值来保持长时间登录有效,但是,由于 Session 依赖于名为<code>JESSIONID</code>的 Cookie,而 Cookie <code>JESSIONID</code>的<code>maxAge</code>默认为-1,只要关闭了浏览器该 Session 就会失效,因此,Session 不能实现信息永久有效的效果。使用 URL 地址重写也不能实现。</p> <h3 id="_3-4-服务器的开销"><a href="#_3-4-服务器的开销" class="header-anchor">#</a> 3.4. 服务器的开销</h3> <p>由于 Session 是保存在服务器的,每个用户都会产生一个 Session,如果并发访问的用户非常多,会产生很多的 Session,消耗大量的内存。</p> <p>而 Cookie 由于保存在客户端浏览器上,所以不占用服务器资源。</p> <h3 id="_3-5-浏览器的支持"><a href="#_3-5-浏览器的支持" class="header-anchor">#</a> 3.5. 浏览器的支持</h3> <p>Cookie 需要浏览器支持才能使用。</p> <p>如果浏览器不支持 Cookie,需要使用 Session 以及 URL 地址重写。</p> <p>需要注意的事所有的用到 Session 程序的 URL 都要使用<code>response.encodeURL(StringURL)</code> 或<code>response.encodeRediretURL(String URL)</code>进行 URL 地址重写,否则导致 Session 会话跟踪失效。</p> <h3 id="_3-6-跨域名"><a href="#_3-6-跨域名" class="header-anchor">#</a> 3.6. 跨域名</h3> <ul><li>Cookie 支持跨域名。</li> <li>Session 不支持跨域名。</li></ul></div> <footer class="page-edit"><div class="edit-link"><a href="https://github.com/dunwu/java-tutorial/edit/master/docs/javaee/javaee-cookie-sesion.md" target="_blank" rel="noopener noreferrer">帮助我们改善此页面!</a> <span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></div> <div class="last-updated"><span class="prefix">上次更新:</span> <span class="time">10 months ago</span></div></footer> <!----> </main></div><div class="global-ui"><!----><!----></div></div>
<script src="/java-tutorial/assets/js/app.a78650bc.js" defer></script><script src="/java-tutorial/assets/js/4.3daae55c.js" defer></script><script src="/java-tutorial/assets/js/12.26a5f560.js" defer></script><script src="/java-tutorial/assets/js/5.dfd352df.js" defer></script>
</body>
</html>