网站用户存在状态的session用法及例子

问题&＃xff1f;首先我们知道&＃xff0c;在我们登录网站的时候&＃xff0c;点击一个又一个链接&＃xff0c;但是用户显示依然存在&＃xff0c;这是为什么呢&＃xff0c;网站又是如何识别的呢&＃xff1f;那怎么来做这个效果呢&＃xff1f;接下来用一个例子及原理为大家说明。

原理&＃xff1a;session的用法&＃xff0c;当我们登陆验证成功后就在session中写一个标记&＃xff0c;等点击链接的时候就会一直识别是否有这个标记。

HttpSession概述及原理探讨
得到HttpSession对象&＃xff1a;
HttpServletRequest.getSession():根据特殊COOKIE&＃xff08;JSESSIONID&＃61;HttpSession对象的id,由服务器生成&＃xff0c;唯一的&＃xff09;的取值&＃xff0c;在服务器的内存中根据id查找这个HttpSession对象&＃xff0c;找到了&＃xff0c;取出来继续服务&＃xff1b;没有找到&＃xff0c;创建一个新的HttpSession对象。

第一步&＃xff1a;建立jsp或者html页面

<%&＃64; page language&＃61;"java" import&＃61;"java.util.*" pageEncoding&＃61;"UTF-8"%>
<%
String path &＃61; request.getContextPath();
String basePath &＃61; request.getScheme()&＃43;"://"&＃43;request.getServerName()&＃43;":"&＃43;request.getServerPort()&＃43;path&＃43;"/";
%>
">
用 户 名&＃xff1a;
密 码&＃xff1a;
看不清




第二步&＃xff1a;xml文件


day08IndexServletcom.dp.javaweb.login.IndexServletLandingServletcom.dp.javaweb.login.LandingServletLoginoutServletcom.dp.javaweb.login.LoginoutServletImageServletcom.dp.javaweb.login.ImageServletIndexServlet/servlet/IndexServletLandingServlet/servlet/LandingServletLoginoutServlet/servlet/LoginoutServletImageServlet/servlet/ImageServletLogin.jsp


package com.dp.javaweb.login;import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.util.Random;import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;public class ImageServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException { //通知浏览器不要缓存response.setHeader("Expires", "-1");response.setHeader("Cache-Control", "no-cache");response.setHeader("Pragma", "-1");int height&＃61;25;int width&＃61;120;//得到一个内存图像BufferedImageBufferedImage img&＃61;new BufferedImage(width, height, BufferedImage.TYPE_ INT_RGB);//得到一个画笔Graphics g&＃61;img.getGraphics();//画边框drawRect绘制指定矩形的边框。g.drawRect(0, 0, width, height);//填充颜色g.setColor(Color.RED);g.fillRect(1, 1, width-2, height-2);//画干扰线g.setColor(Color.BLACK);Random r&＃61;new Random();for(int i&＃61;0;i<20;i&＃43;&＃43;)g.drawLine(r.nextInt(width), r.nextInt(height), r.nextInt(width), r.nextInt(height));//生成随机数字g.setColor(Color.BLUE);g.setFont(new Font("微软雅黑", Font.BOLD|Font.ITALIC, 20));//BOLD加粗&＃xff0c;ITALIC斜体int d&＃61;15;StringBuffer sb&＃61;new StringBuffer();//可变字符串的利用for(int j&＃61;0;j<4;j&＃43;&＃43;){String code&＃61;r.nextInt(10)&＃43;"";sb.append(code);g.drawString(code&＃43;"", d, 20);d&＃43;&＃61;20;}//将验证码输入到session中&＃xff0c;用来验证request.getSession().setAttribute("code", sb.toString());//输出打web页面ImageIO.write(img, "jpg", response.getOutputStream());}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}


第四步&＃xff1a;处理用户密码验证码类(这里就开始利用session的作用&＃xff0c;因为痛密码用户一样也在验证码出也写了一个session)

package com.dp.javaweb.login;import java.io.IOException;
import java.io.PrintWriter;import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;/*** 处理用户密码**/
public class LandingServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {request.setCharacterEncoding("UTF-8");response.setContentType("text/html;charset&＃61;UTF-8");PrintWriter out&＃61;response.getWriter();//验证用户和密码String username&＃61;request.getParameter("username");String password&＃61;request.getParameter("password");String code&＃61;request.getParameter("code");//得到session中的session验证码String sessuoncode&＃61;(String)request.getSession().getAttribute("code");//验证验证码if(!code.equals(sessuoncode)){out.write("登陆失败&＃xff0c;错误的验证码&＃xff01;&＃xff01;重新登录");return;//不往下执行了}StringBuffer sb&＃61;new StringBuffer(password);password&＃61;sb.reverse().toString();//reverse()将此字符序列用其反转形式取代if(username.equals(password)){User user&＃61;new User();user.setUsername(username);user.setPassword(password);//在把user对象放入session中&＃xff0c;有了标记&＃xff0c;这点儿很重要。request.getSession().setAttribute("user", user);out.write("登陆成功&＃xff0c;2秒后自动返回到主页面&＃xff01;&＃xff01;");}else{out.write("登陆失败&＃xff0c;2秒钟后自动返回到主页面&＃xff01;&＃xff01;");}response.setHeader("Refresh","2;URL&＃61;/day08/servlet/IndexServlet");}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}


第五步&＃xff1a;验证session是否存在&＃xff0c;并处理登陆状态

package com.dp.javaweb.login;import java.io.IOException;
import java.io.PrintWriter;import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;/*** 验证session中用户和密码**/
public class IndexServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {response.setContentType("text/html;charset&＃61;UTF-8");PrintWriter out&＃61;response.getWriter();HttpSession session&＃61;request.getSession();//创建session对象User user&＃61;(User)session.getAttribute("user");//得到标记//session.setMaxInactiveInterval(2);//setMaxInactiveInterval表示2秒内不对session做出操作&＃xff0c;自动删除session//一般情况下&＃xff0c;不用设置这个函数,因为getMaxInactiveInterval()的session的默认失效为1800毫秒也就是半分钟//System.out.println(session.getMaxInactiveInterval());//打印默认session存在时间if(user&＃61;&＃61;null){out.write("请登陆");}else{out.write("欢迎您&＃xff1a;"&＃43;user.getUsername()&＃43;"    注销");}out.write("

package com.dp.javaweb.login;import java.io.IOException;
import java.io.PrintWriter;import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;//去掉session中的登陆标记&＃xff0c;也就是用于注销
public class LoginoutServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {response.setContentType("text/html;charset&＃61;UTF-8");request.setCharacterEncoding("UTF-8");PrintWriter out&＃61;response.getWriter();request.getSession().removeAttribute("user");//删除了域中绑定的对象
// request.getSession().invalidate();//这是直接销毁session&＃xff0c;可任选一种out.write("注销成功&＃xff0c;2秒后自动转入主页。");response.setHeader("Refresh", "2;URL&＃61;/day08/servlet/IndexServlet");}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}


第七步&＃xff1a;封装用户密码的Bean类

package com.dp.javaweb.login;public class User {private String username;private String password;public String getUsername() {return username;}public void setUsername(String username) {this.username &＃61; username;}public String getPassword() {return password;}public void setPassword(String password) {this.password &＃61; password;}}


结果显示&＃xff1a;

第一种情况&＃xff1a;验证码错误

第二种情况&＃xff1a;用户密码错误

第三种情况&＃xff1a;登陆成功后

最后的注销就不用我说了吧&＃xff01;就是去掉session的标记。

注意&＃xff1a;session.setMaxInactiveInterval(30 * 60);//单位秒&＃xff0c;这是设置网页中session在缓存中的存在时间
   如果不设置的话&＃xff0c;session,默认过期时间为30分钟也就是1800秒&＃xff0c;

    session时间的另外一种设置方式&＃xff0c;在另一边博客上写得有喔。