Session storage

Java

Sessions are actually divided into server-side sessions and client-side sessions.

When the user establishes a connection with the web server for the first time, the server will distribute a sessionid to the user as an identity. Every time a user submits a page, the browser will include this sessionid in the HTTP header and submit it to the web server, so that the web server can distinguish which client is currently requesting the page. This sessionid is saved in the client and belongs to the client session.

The session ID generated by Tomcat is called jssessionid.

When accessing the getsession (true) of the HttpServletRequest of the Tomcat server, a session will be created. The managerbase class of Tomcat provides a method to create a sessionid: random number + time + JVM ID.

On the server side, the standard manager class of Tomcat stores the session in memory and can also be persisted to files, databases, caches, etc.

The client only saves the sessionid to the cookie, not the session. The session can only be destroyed through invalidate or timeout. Closing the browser does not close the session. When the user disables the cookie, the server will not get the sessionid. At this time, we can use URL or hidden domain to store client session.

spring-session

In the traditional mode, when the request enters the web container and obtains the session according to the reqest, it returns if there is a session in the web container. If there is no session, the web container creates a session. Then, when the response is returned, the sessonid is returned to the client or browser as the head of the response.

Another idea is to extract the session from the web container to form an independent module so that distributed applications or clusters can share it.

The core idea of spring session is to split the session from the web container and store it in an independent storage server. At present, it supports various forms of session memory: redis, database, mogondb, etc. The management responsibility of the session is entrusted to spring session. When the request enters the web container and obtains the session according to the request, the spring session is responsible for obtaining the session in the memory. If it exists, it returns. If it does not exist, it is created and persisted to the memory.

The difference between the two is as follows:

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>