Session Tracking in Servlets PDF

Preview

Summary

Session Tracking in Servlets...

Description

Sessi onTr ac ki ngi nSer vl et s 1. Session Tracking 2. Session Tracking Techniques Session simply means a particular interval of time. Session Tracking is a way to maintain state (data) of an user. It is also known as session management in servlet. Http protocol is a stateless so we need to maintain state using session tracking techniques. Each time user requests to the server, server treats the request as the new request. So we need to maintain the state of an user to recognize to particular user.

WhyuseSes si onTr acki ng? To recognize the user It is used to recognize the particular user.

Ses s i onTr acki ngTec hni ques There are four techniques used in Session tracking: 1. Cookies 2. Hidden Form Field 3. URL Rewriting 4. HttpSession

Cooki esi nSer vl et A cookie is a small piece of information that is persisted between the multiple client requests. A cookie has a name, a single value, and optional attributes such as a comment, path and domain qualifiers, a maximum age, and a version number.

HowCook i ewor k s By default, each request is considered as a new request. In cookies technique, we add cookie with response from the servlet. So cookie is stored in the cache of the browser. After that if request is sent by the user, cookie is added with request by default. Thus, we recognize the user as the old user.

Ty pesofCooki e There are 2 types of cookies in servlets. 1. Non-persistent cookie 2. Persistent cookie

Nonper s i s t entcook i e It is valid for single session only. It is removed each time when user closes the browser.

Per s i s t entcook i e It is valid for multiple session . It is not removed each time when user closes the browser. It is removed only if user logout or signout.

Adv ant ageofCooki es 1. Simplest technique of maintaining the state. 2. Cookies are maintained at client side.

Di s adv ant ageofCooki es 1. It will not work if cookie is disabled from the browser. 2. Only textual information can be set in Cookie object

Cooki ec l as s javax.servlet.http.Cookie class provides the functionality of using cookies. It provides a lot of useful methods for cookies.

Cons t r uct orofCooki ec l as s Constructor

Description

Cookie()

constructs a cookie.

Cookie(String name, String value)

constructs a cookie with a specified name and va

HIDDEN FIELDS A hidden form field is an HTML element utilized to store the value similar to the text box, but here stored value will be invisible, so to extract that value servlet code or any server side code will be used. The form page having an invisible text box is called as a Hidden box. When one clicks Submit on the hidden text box, then the hidden box enters the value which goes to Web Resource Program along with a request as request parameter. Following is the syntax for hidden field case.

Advantages of Hidden Fields   

Hidden fields data are stored in the browser window.So they do not provide burden to the server. Minimum knowledge of HTML is enough to work with this technique. If cookies are disabled or not, it will work.

Disadvantages of Hidden Fields   

Hidden field can store only text values but not as java object. The Hidden field value can be seen in the View Source option. So hidden fields do not provide better data security. The programmer has a burden to add previous form pages data for creating dynamic web pages.



HTTP Session With URL Rewriting is another way to support anonymous session tracking. With URL rewriting, every local URL the user might click on is dynamically modified, or rewritten, to include extra information. The extra information can be in the form of extra path information, added parameters, or some custom, serverspecific URL change. Due to the limited space available in rewriting a URL, the extra information is usually limited to a unique session ID. URL Rewriting in Servlets, which doesn’t use cookies to send and receive Session-Id from the web application...