java 使用 Tomcat 和 cookie 进行会话管理
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7681521/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Session management with Tomcat and cookies
提问by Ryan
I am having a difficult time conceptualizing how Tomcat handles cookies and session management behind the scenes.
我很难概念化 Tomcat 如何在后台处理 cookie 和会话管理。
When or where does Tomcat issue cookies to manage an HttpSession? According to This question / answer, sessions are created from an initial call to getSession().
Tomcat 何时或何地发布 cookie 来管理HttpSession? 根据这个问题/答案,会话是从初始调用到getSession().
If I am running a Filterand call getSession(), does that automatically attach the necessary cookie (assuming I have configured web.xml to use cookies) to the ServletResponse? If not, how do I do so? I am not running any jsp's.
如果我正在运行 aFilter并调用getSession(),是否会自动将必要的 cookie(假设我已将 web.xml 配置为使用 cookie)附加到ServletResponse? 如果没有,我该怎么做?我没有运行任何jsp。
回答by jayunit100
Java Servlets manage cookies and state transparently for you, under the hood. Tomcat is the web server that Java Servlets run inside of.
Java Servlet 在幕后为您透明地管理 cookie 和状态。Tomcat 是运行 Java Servlet 的 Web 服务器。
The way web servers manage cookies is they directly send them in the HTTP request, I'm not 100% sure of the protocol text, but I believe it is simply that Tomcat will send "SET COOKIE:..." in the actual HTTP that is sent to your browser.
Web 服务器管理 cookie 的方式是直接在 HTTP 请求中发送它们,我不是 100% 确定协议文本,但我相信 Tomcat 将在实际的 HTTP 中发送“SET COOKIE:...”发送到您的浏览器。
The important thing to note here is that Tomcat and the java Servlet specification are coupled - Tomcat hosts Servlets, and provides interface implementations that wrap the basic aspects of HTTP communication : for example, here is its Cookie interface ---- http://tomcat.apache.org/tomcat-5.5-doc/servletapi/javax/servlet/http/Cookie.html.
这里需要注意的重要一点是Tomcat和java Servlet规范是耦合的——Tomcat承载着Servlets,并且提供了封装了HTTP通信基本方面的接口实现:比如这里是它的Cookie接口---- http:// tomcat.apache.org/tomcat-5.5-doc/servletapi/javax/servlet/http/Cookie.html。
In general, this shouldn't be your biggest concern when writing a web app, unless you are doing something fancy. The Servlet api is supposed to abstract this by giving you access to the Session API that allows you to set/get objects specific to the client your dealing with.
一般来说,在编写 Web 应用程序时,这不应该是您最关心的问题,除非您正在做一些奇特的事情。Servlet api 应该通过允许您访问会话 API 来抽象这一点,会话 API 允许您设置/获取特定于您处理的客户端的对象。
