As we know that the Http is a stateless
protocol, means that it can't persist the information. It always treats each
request as a new request. In Http client makes a connection to the server, sends
the request., gets the response, and closes the connection.
In session management client first make a request for
any servlet or any page, the container receives the request and generate a
unique session ID and gives it back to the client along with the response. This
ID gets stores on the client machine. Thereafter when the client request again
sends a request to the server then it also sends the session Id with the
request. There the container sees the Id and sends back the request.
Session Tracking can be done in three ways:
Hidden Form Fields: This is one of the way to
support the session tracking. As we know by the name, that in this fields
are added to an HTML form which are not displayed in the client's request.
The hidden form field are sent back to the server when the form is
submitted. In hidden form fields the html entry
will be like this : <input type ="hidden" name =
"name" value="">. This means that when you submit the
form, the specified name and value will be get included in get or post
method. In this session ID information would be embedded within the form as
a hidden field and submitted with the Http POST command.
URL Rewriting: This is another way to support
the session tracking. URLRewriting can
be used in place where we don't want to use cookies. It is used to maintain
the session. Whenever the browser sends a request then it is always
interpreted as a new request because http protocol is a stateless protocol
as it is not persistent. Whenever we want that out request object to stay
alive till we decide to end the request object then, there we use the
concept of session tracking. In session tracking firstly a session object is
created when the first request goes to the server. Then server creates a
token which will be used to maintain the session. The token is transmitted
to the client by the response object and gets stored on the client machine.
By default the server creates a cookie and the cookie get stored on the
client machine.
Cookies: When cookie based session management
is used, a token is generated which contains user's information, is sent to
the browser by the server. The cookie is sent back to the server when the
user sends a new request. By this cookie, the server is able to identify the
user. In this way the session is maintained. Cookie is nothing but a name-
value pair, which is stored on the client machine. By default the cookie is
implemented in most of the browsers. If we want then we can also disable the
cookie. For security reasons, cookie based session management uses two types
of cookies.
Joseph Kingston Leo(SCJP)
September 21, 2011
complaint
I am using roseindia last 3 years.thank you for your wonderful cooperation.now this links i mean the nex is not working well check it out.
Thank you.
Amardeep Sharma
September 22, 2011
How to make a smalll project in struts
Very good and much helpful
gulmohommad
March 3, 2012
session tracking
i want some examples of session tracking which includes all three ways of session tracking i.e,session tracking using hidden form and fields, url rewriting and cookies
yuvraaj
August 29, 2012
there is wrong way the correct ways is given below
Four Type of session tracking
1. Hidden Form Field
2. URL Rewirting
3. Cookies
4. Session
Share on Google+
Roseindia Java Servlet
Servlet Tutorials for Beginners
Servlet tutorials: Learn Servlet Easily
Cookies in Servlet
Learn Servlet Life Cycle
Discuss: Session Tracking View All Comments
Post your Comment