您好,登錄后才能下訂單哦!
這篇文章主要介紹“如何創(chuàng)建session對(duì)象”的相關(guān)知識(shí),小編通過(guò)實(shí)際案例向大家展示操作過(guò)程,操作方法簡(jiǎn)單快捷,實(shí)用性強(qiáng),希望這篇“如何創(chuàng)建session對(duì)象”文章能幫助大家解決問(wèn)題。
Session對(duì)象的創(chuàng)建一般是源于這樣的一條語(yǔ)句:
Session session = request.getSession(false);或者Session session = request.getSession();如果不在乎服務(wù)器壓力可能多那么一點(diǎn)點(diǎn)的話。
在Tomcat的實(shí)現(xiàn)中,這個(gè)request是org.apache.catalina.connector.Request類(lèi)的包裝類(lèi)org.apache.catalina.connector.RequestFacade的對(duì)象,它的兩個(gè)#getSession()方法如下:
public HttpSession getSession(boolean create) { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (SecurityUtil.isPackageProtectionEnabled()){ return (HttpSession)AccessController. doPrivileged(new GetSessionPrivilegedAction(create)); } else { return request.getSession(create); } }
public HttpSession getSession() { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } return getSession(true); }
其實(shí)差不太多,最后都會(huì)進(jìn)入org.apache.catalina.connector.Request的#getSession()方法。這個(gè)方法的源代碼如下:
public HttpSession getSession(boolean create) { Session session = doGetSession(create); if (session != null) { return session.getSession(); } else { return null; } }
然后調(diào)用就到了#doGetSession()這個(gè)方法了。源代碼如下
protected Session doGetSession(boolean create) { // 沒(méi)有Context的話直接返回null if (context == null) return (null); // 判斷Session是否有效 if ((session != null) && !session.isValid()) session = null; if (session != null) return (session); // 返回Manager對(duì)象,這里是StandardManager類(lèi)的對(duì)象 Manager manager = null; if (context != null) manager = context.getManager(); if (manager == null) return (null); // Sessions are not supported // 判斷是否有SessionID if (requestedSessionId != null) { try { // 在Manager中根據(jù)SessionID查找Session session = manager.findSession(requestedSessionId); } catch (IOException e) { session = null; } if ((session != null) && !session.isValid()) session = null; if (session != null) { // 更新訪問(wèn)時(shí)間 session.access(); return (session); } } // 創(chuàng)建新的Session if (!create) return (null); if ((context != null) && (response != null) && context.getCookies() && response.getResponse().isCommitted()) { throw new IllegalStateException(sm.getString("coyoteRequest.sessionCreateCommitted")); } // 判斷是否使用 "/" 作為Session Cookie的存儲(chǔ)路徑 并且 是否SessionID來(lái)自Cookie if (connector.getEmptySessionPath() && isRequestedSessionIdFromCookie()) { // 創(chuàng)建Session session = manager.createSession(getRequestedSessionId()); } else { session = manager.createSession(null); } // 創(chuàng)建一個(gè)新的Session Cookies if ((session != null) && (getContext() != null) && getContext().getCookies()) { Cookie cookie = new Cookie(Globals.SESSION_COOKIE_NAME, session.getIdInternal()); // 配置Session Cookie configureSessionCookie(cookie); // 在響應(yīng)中加入Session Cookie response.addCookieInternal(cookie); } if (session != null) { // 更新訪問(wèn)時(shí)間 session.access(); return (session); } else { return (null); } }
這個(gè)方法說(shuō)明了Session創(chuàng)建的大致過(guò)程,首先判斷requestedSessionId是否存在,如果存在,那么根據(jù)這個(gè)ID去查找Session對(duì)象。如果requestedSessionId不存在或者沒(méi)有取到Session,并且傳遞給#getSession(boolean)的參數(shù)為真,那么要?jiǎng)?chuàng)建一個(gè)新的Session,并且給客戶(hù)端寫(xiě)回去一個(gè)Session Cookie。
首先,我感興趣的是requestedSessionId的賦值,它到底是什么時(shí)候被賦值的呢?
還要向回看Tomcat的請(qǐng)求處理過(guò)程,請(qǐng)求曾到過(guò)這一步,org.apache.catalina.connector.CoyoteAdapter的#service()方法。里邊有這樣一句方法調(diào)用:postParseRequest(req, request, res, response)。就是這一步處理了SessionID的獲取,這個(gè)方法調(diào)用了#parseSessionId()和parseSessionCookiesId()這兩個(gè)方法,就是它對(duì)Session ID進(jìn)行了提取,源代碼分別如下:
protected void parseSessionId(org.apache.coyote.Request req, Request request) { ByteChunk uriBC = req.requestURI().getByteChunk(); // 判斷URL中是不是有";jsessionid="這個(gè)字符串 int semicolon = uriBC.indexOf(match, 0, match.length(), 0); if (semicolon > 0) { // Parse session ID, and extract it from the decoded request URI // 在URL中提取Session ID int start = uriBC.getStart(); int end = uriBC.getEnd(); int sessionIdStart = semicolon + match.length(); int semicolon2 = uriBC.indexOf(';', sessionIdStart); if (semicolon2 >= 0) { request.setRequestedSessionId(new String(uriBC.getBuffer(), start + sessionIdStart, semicolon2 - sessionIdStart)); byte[] buf = uriBC.getBuffer(); for (int i = 0; i < end - start - semicolon2; i++) { buf[start + semicolon + i] = buf[start + i + semicolon2]; } uriBC.setBytes(buf, start, end - start - semicolon2 + semicolon); } else { request.setRequestedSessionId(new String(uriBC.getBuffer(), start + sessionIdStart, (end - start) - sessionIdStart)); uriBC.setEnd(start + semicolon); } // 設(shè)定Session ID來(lái)自于URL request.setRequestedSessionURL(true); } else { request.setRequestedSessionId(null); request.setRequestedSessionURL(false); } }
protected void parseSessionCookiesId(org.apache.coyote.Request req, Request request) { Context context = (Context) request.getMappingData().context; if (context != null && !context.getCookies()) return; // 返回Cookie Cookies serverCookies = req.getCookies(); int count = serverCookies.getCookieCount(); if (count <= 0) return; for (int i = 0; i < count; i++) { ServerCookie scookie = serverCookies.getCookie(i); // 判斷是否有JSESSIONID這個(gè)名字的Cookie if (scookie.getName().equals(Globals.SESSION_COOKIE_NAME)) { // Override anything requested in the URL if (!request.isRequestedSessionIdFromCookie()) { // 設(shè)定Session ID convertMB(scookie.getValue()); request.setRequestedSessionId(scookie.getValue().toString()); // 如果之前在URL中讀到了SessionID,那么會(huì)覆蓋它 request.setRequestedSessionCookie(true); request.setRequestedSessionURL(false); if (log.isDebugEnabled()) log.debug(" Requested cookie session id is " + request.getRequestedSessionId()); } else { if (!request.isRequestedSessionIdValid()) { convertMB(scookie.getValue()); request.setRequestedSessionId(scookie.getValue().toString()); } } } } }
Tomcat就是通過(guò)上邊的兩個(gè)方法讀到URL或者Cookie中存放的Session ID的。
了解了Session ID的獲取,下面要看一下Session的查找過(guò)程,就是org.apache.catalina.session.StandardManager的#findSession()方法。這個(gè)方法是在它的基類(lèi)中定義的,源代碼如下:
public Session findSession(String id) throws IOException { if (id == null) return (null); return (Session) sessions.get(id); }
代碼很短,其中sessions是一個(gè)ConcurrentHashMap<String, Session>對(duì)象。那么這個(gè)sessions的對(duì)象是什么時(shí)候載入的Session呢?
啟動(dòng)的時(shí)候!可以看一下StandardManager#start()方法。最后調(diào)用了#load()方法,這個(gè)就是載入Session的方法了:
public void load() throws ClassNotFoundException, IOException { if (SecurityUtil.isPackageProtectionEnabled()) { try { AccessController.doPrivileged(new PrivilegedDoLoad()); } catch (PrivilegedActionException ex) { Exception exception = ex.getException(); if (exception instanceof ClassNotFoundException) { throw (ClassNotFoundException) exception; } else if (exception instanceof IOException) { throw (IOException) exception; } if (log.isDebugEnabled()) log.debug("Unreported exception in load() " + exception); } } else { doLoad(); } }
最后調(diào)用了#doLoad()方法來(lái)具體的載入Session,源代碼如下:
protected void doLoad() throws ClassNotFoundException, IOException { if (log.isDebugEnabled()) log.debug("Start: Loading persisted sessions"); // 清空Map sessions.clear(); // 對(duì)應(yīng)work/Catalina/localhost/%app name%/SESSIONS.ser文件 File file = file(); if (file == null) return; if (log.isDebugEnabled()) log.debug(sm.getString("standardManager.loading", pathname)); FileInputStream fis = null; ObjectInputStream ois = null; Loader loader = null; ClassLoader classLoader = null; try { // 載入Session緩存文件 fis = new FileInputStream(file.getAbsolutePath()); BufferedInputStream bis = new BufferedInputStream(fis); if (container != null) loader = container.getLoader(); if (loader != null) classLoader = loader.getClassLoader(); if (classLoader != null) { if (log.isDebugEnabled()) log.debug("Creating custom object input stream for class loader "); ois = new CustomObjectInputStream(bis, classLoader); } else { if (log.isDebugEnabled()) log.debug("Creating standard object input stream"); ois = new ObjectInputStream(bis); } } catch (FileNotFoundException e) { if (log.isDebugEnabled()) log.debug("No persisted data file found"); return; } catch (IOException e) { log.error(sm.getString("standardManager.loading.ioe", e), e); if (ois != null) { try { ois.close(); } catch (IOException f) { ; } ois = null; } throw e; } synchronized (sessions) { try { // 讀出Session個(gè)數(shù) Integer count = (Integer) ois.readObject(); int n = count.intValue(); if (log.isDebugEnabled()) log.debug("Loading " + n + " persisted sessions"); // 讀入Session for (int i = 0; i < n; i++) { StandardSession session = getNewSession(); session.readObjectData(ois); session.setManager(this); sessions.put(session.getIdInternal(), session); session.activate(); sessionCounter++; } } catch (ClassNotFoundException e) { log.error(sm.getString("standardManager.loading.cnfe", e), e); if (ois != null) { try { ois.close(); } catch (IOException f) { ; } ois = null; } throw e; } catch (IOException e) { log.error(sm.getString("standardManager.loading.ioe", e), e); if (ois != null) { try { ois.close(); } catch (IOException f) { ; } ois = null; } throw e; } finally { try { if (ois != null) ois.close(); } catch (IOException f) { } // 刪除Session緩存文件 if (file != null && file.exists()) file.delete(); } } if (log.isDebugEnabled()) log.debug("Finish: Loading persisted sessions"); }
大致知道了Session的讀取過(guò)程,后面就是Session沒(méi)找到時(shí)創(chuàng)建Session的過(guò)程了。具體就是org.apache.catalina.session.StandardManager的#createSession()方法:
public Session createSession(String sessionId) { if ((maxActiveSessions >= 0) && (sessions.size() >= maxActiveSessions)) { rejectedSessions++; throw new IllegalStateException(sm.getString("standardManager.createSession.ise")); } return (super.createSession(sessionId)); }
最后調(diào)用到了它的基類(lèi)的#createSession()方法了。
public Session createSession(String sessionId) { // 創(chuàng)建一個(gè)新的Session Session session = createEmptySession(); // 初始化Session的屬性 session.setNew(true); session.setValid(true); session.setCreationTime(System.currentTimeMillis()); session.setMaxInactiveInterval(this.maxInactiveInterval); // 如果Session ID為null,那么就生成一個(gè) if (sessionId == null) { sessionId = generateSessionId(); } session.setId(sessionId); sessionCounter++; return (session); }
通過(guò)上述過(guò)程,一個(gè)新的Session就創(chuàng)建出來(lái)了。
關(guān)于“如何創(chuàng)建session對(duì)象”的內(nèi)容就介紹到這里了,感謝大家的閱讀。如果想了解更多行業(yè)相關(guān)的知識(shí),可以關(guān)注億速云行業(yè)資訊頻道,小編每天都會(huì)為大家更新不同的知識(shí)點(diǎn)。
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。