How session work
1.when Diane selects "Dark" and hits the submit button.The Container sends the request to a new thread of the BeerApp servlet.The BeerApp thread finds the session associated with Diane, and stores her choice ("Dark")in the session as an attribute.
2.The servlet runs its business logic (including calls to the model) and returns a response.
3.When Diane selects another option and hits the submit button.The Container sends the request to a new thread of the BeerApp servlet.The BeerApp thread finds the session associated with Diane,and stores her new choice in the session as an attribute(same client,same servlet,Different request,Different thread,Same session)
4.The servlet runs its business logic (including calls to the model) and returns a response.
5.Meanwhile ,another client goes to beer site...
Diane's session is still active ,but meanwhile Terri selects "Pale" and hits the submit button. The Container sends Terri's request to a new thread of the BeerApp servlet.The BeerApp thread starts a new session for Terri,and calls setAttribute() to
store her choice("pale")(Different client,Same servlet,Different request,Different thread,Different session)
how the Container know who the client is
The HTTP protocol uses stateless connections.The client browser makes a connection
to the server,sends the request,gets the response,and closes the connection.In other words,the connection exists for only a single request/response.Because the connections don't persist ,the Container doesn't recognize that the client making a second request is the same client from a previous request.As far as the Container's concerned,each request is from a new client.
so the client needs a unique session ID.The idea is simple:on the client's first request,the Container generates a unique session ID and gives it back to the client with the response.The client sends back the session ID with each subsequent request.The Container sees the ID ,finds the matching session, and associates the session with the request.
Somehow,the Container has to get the session ID to the client as part of the response ,and the client has to send back the session ID as part of the request.The simplest and most common way to exchange the info is through cookies.
You do have to tell the Container that you want to create or use a session,but the Container takes care of generating the session ID,creating a new Cookie object,stuffing the session ID into the cookie,and setting the cookie as part of the response.And on subsequent requests ,the Container gets the session ID from a cookie in the request,matches the session ID with an existing session,and associates that session with the current request.
Sending a session cookie in the RESPONSE:
HttpSession session = request.getSession();/*This method does more than just create a session,but the first time you invoke it on the request ,it will cause a cookie to be sent with the response.Now,There's still no guarantee the client will accept the cookie...but we're getting ahead of ourselves.
The container takes care of making the new HttpSession object,generating the unique session ID,making the new Cookie object,associating the session ID with the cookie,setting the Cookie into the response ,all by itself.*/
Getting the session ID from the REQUEST:
HttpSession session = request.getSession();/*The method for getting a session ID cookie(and matching it with an existing session) is the same as SENDING a session ID cookie.You never actually SEE the session ID yourself(although you can ask the session to give it to you)*/
It works like this:
IF(the request includes a session ID cookie)
finds the session matching that ID
ELSE IF (there is no session ID cookie OR there is no current session matching the session ID)
create a new session.
All the cookie work happens behind the scenes.
1.when Diane selects "Dark" and hits the submit button.The Container sends the request to a new thread of the BeerApp servlet.The BeerApp thread finds the session associated with Diane, and stores her choice ("Dark")in the session as an attribute.
2.The servlet runs its business logic (including calls to the model) and returns a response.
3.When Diane selects another option and hits the submit button.The Container sends the request to a new thread of the BeerApp servlet.The BeerApp thread finds the session associated with Diane,and stores her new choice in the session as an attribute(same client,same servlet,Different request,Different thread,Same session)
4.The servlet runs its business logic (including calls to the model) and returns a response.
5.Meanwhile ,another client goes to beer site...
Diane's session is still active ,but meanwhile Terri selects "Pale" and hits the submit button. The Container sends Terri's request to a new thread of the BeerApp servlet.The BeerApp thread starts a new session for Terri,and calls setAttribute() to
store her choice("pale")(Different client,Same servlet,Different request,Different thread,Different session)
how the Container know who the client is
The HTTP protocol uses stateless connections.The client browser makes a connection
to the server,sends the request,gets the response,and closes the connection.In other words,the connection exists for only a single request/response.Because the connections don't persist ,the Container doesn't recognize that the client making a second request is the same client from a previous request.As far as the Container's concerned,each request is from a new client.
so the client needs a unique session ID.The idea is simple:on the client's first request,the Container generates a unique session ID and gives it back to the client with the response.The client sends back the session ID with each subsequent request.The Container sees the ID ,finds the matching session, and associates the session with the request.
Somehow,the Container has to get the session ID to the client as part of the response ,and the client has to send back the session ID as part of the request.The simplest and most common way to exchange the info is through cookies.
You do have to tell the Container that you want to create or use a session,but the Container takes care of generating the session ID,creating a new Cookie object,stuffing the session ID into the cookie,and setting the cookie as part of the response.And on subsequent requests ,the Container gets the session ID from a cookie in the request,matches the session ID with an existing session,and associates that session with the current request.
Sending a session cookie in the RESPONSE:
HttpSession session = request.getSession();/*This method does more than just create a session,but the first time you invoke it on the request ,it will cause a cookie to be sent with the response.Now,There's still no guarantee the client will accept the cookie...but we're getting ahead of ourselves.
The container takes care of making the new HttpSession object,generating the unique session ID,making the new Cookie object,associating the session ID with the cookie,setting the Cookie into the response ,all by itself.*/
Getting the session ID from the REQUEST:
HttpSession session = request.getSession();/*The method for getting a session ID cookie(and matching it with an existing session) is the same as SENDING a session ID cookie.You never actually SEE the session ID yourself(although you can ask the session to give it to you)*/
It works like this:
IF(the request includes a session ID cookie)
finds the session matching that ID
ELSE IF (there is no session ID cookie OR there is no current session matching the session ID)
create a new session.
All the cookie work happens behind the scenes.
发表评论
-
EL expression
2014-04-15 14:21 852Remember in the original MVC be ... -
PageContext Reference
2014-04-12 13:16 719Using a PageContext reference t ... -
Aplication Request Session Page scopes
2014-04-12 12:08 499The most of the time you'll be ... -
jsb scriptlet directive expression
2014-04-12 11:44 579scriptlet: <% %> direct ... -
implicit object
2014-04-09 14:15 511When a Container translates the ... -
Session lifecycle events
2014-04-12 10:31 423The sesssin was created: when t ... -
Setting session timeout
2014-04-08 19:56 521Two ways to set session timeout ... -
Key HttpSession method
2014-04-08 19:16 466getCreationTime() //returns t ... -
what if I want to know whether the session already existed or was just created?
2014-04-08 11:54 419Put the following code into you ... -
How can we track the client's answers?
2014-04-08 08:28 462We have serveral options: 1.Use ... -
encodeURL and encodeRedirectURL
2014-04-06 19:45 1006If the client doesn't accept co ... -
What if you only want a pre-existing session?
2014-04-06 18:51 519HttpSession session = request.g ...
相关推荐
How Computers Work - The Evolution of Technology, 10th Edition.zip.001
How Computers Work - The Evolution of Technology, 10th Edition.zip.002
It is not for those who know nothing about finance and banking, but certainly good for those (like me) who know finance but not much about how payment systems work. The authors have wisely chosen to ...
the Web works and how to make it work for them. My editor often talks about when she first learned UNIX scripting and how it opened a world of automation for her. When you learn how to write scripts...
Now, if you look for the last trendy technologies (Big Data, NoSQL or JavaScript), you’ll find more in-depth articles explaining how they work. Are relational databases too old and too boring to be ...
Chapter 5 How to List the Authors and Addresses Chapter 6 How to Prepare the Abstract Chapter 7 How to Write the Introduction Chapter 8 How to Write the Materials and Methods Section Chapter 9 How to ...
switching and induced lightning.Within the TVS, damaging voltage spikes are limited by clamping or avalanche action of a rugged silicon pn junction which reduces the amplitude of the transient to a ...
Get to know how to build your own container clusterDeploy and manage highly scalable applications using KubernetesDiscover how to build high availability Kubernetes clustersFind out how to build a ...
4. **Refining the Specification**: The specification evolves over time as new information is gathered and feedback is received. This iterative refinement ensures that the final product meets the ...
Coders at Work: Reflections on the Craft of Programming is a 2009 book by Peter Seibel about interviews with 15 highly accomplished programmers. The primary topics in these interviews include how the ...
a total guide to debuggers: what they do, how they work, and how to use them to produce better programs
The primary audience is Java beginners and the secondary audience is more advanced Java developers who have worked with the Thread APIs and the Concurrency Utilities. Table of Contents Part I: Thread...
With its combination of background, theory, real-world examples, and patient explanations, How Linux Works will teach you what you need to know to solve pesky problems and take control of your ...
A special feature of this edition is a new appendix on NoSQL and relational theory.Could you write an SQL query to find employees who have worked at least once in every programming department in the ...
what we call DevOps today and the tools that you should know. Demand for people with DevOps skills has been growing rapidly over the last few years. It has accelerated software development and ...
packaging and running portable distributed applications, Deepak Vorhadiscusses how to build, ship and run applications on any platform such as a PC, the cloud, data center or a virtual machine....
As well as focusing on client-side JavaScript, you will also learn how to work with the Browser Object Model, the Document Object Model (DOM), how to use XML and JSON as well as communicate with ...