Advanced Java and Web Technologies for JNTUK
Blog providing beginner tutorials on different web technologies like HTML, CSS, Javascript, PHP, MYSQL, XML, Java Beans, Servlets, JSP and AJAX

02/10/2016 Categories: Servlets. No Comments on Session Tracking in Servlets

A session is a collection of HTTP requests, over a period of time, between a client and server. Maintaining the data within the session is known as session tracking. For example, maintaining the book details added to the cart in an online book shop application. Session tracking mechanisms include the following:

  • URL rewriting (query strings)
  • Hidden form fields
  • Cookies
  • HTTP session (Session objects)

 

URL Rewriting

 

In this method we keep track of the data by passing the data as a query string from one page to another page. A query string starts with ? symbol and is followed by set of key-value pairs. Each pair is separated using the & symbol. Passing huge amount of data using query string is cumbersome. This method is recommended only when the data that is needed to be passed is very less. Following example demonstrates passing data using query string:

 

index.html

 

ServletA.java

 

ServletB.java

 

In the above example we are passing the data uname and pass from index.html to ServletA and from ServletA to ServletB using query string.

 

Video: URL Rewriting

 

Hidden Form Fields

 

Another way of passing data from one page to another page is by using a hidden form field. The advantage with this method is data is not visible to the user directly. But, when the user looks at the source of the web page in a browser, the data being passed will be visible. Following example demonstrates hidden form fields:

 

index.html

 

ServletA.java

 

In the above example two hidden form fields were used to pass data to the servlet file.

Video: Hidden Fields

 

Cookies

 

A cookie is a file containing the information sent by the web server to the client. Cookies are stored on client machine. A cookie consists of various attributes such as name, value, message, domain, path, comment and version number. Cookies should only be used to store non-sensitive information.

 

The servlet API provides a class Cookie available in the javax.servlet.http package which provides a way to manage cookies in web applications. To send a cookie to the client, use addCookie(Cookie  c) method of the HttpServletResponse object. To gather the cookies on the client side, use getCookies() method of HttpServletRequest object.

 

To create a cookie, we can use the constructor of the Cookie class as shown below:

Cookie  c  =  new  Cookie(name, value);

 

Cookie class provides the following methods:

  • setValue(String s)
  • getValue()
  • getName()
  • setComment(String s)
  • getComment()
  • setVersion(String s), getVersion()
  • setDomain(String s), getDomain()
  • setPath(String s), getPath()
  • setSecure(boolean), getSecure(boolean)

 

Following are the advantages of cookies:

  • Cookies reduce network traffic when compared to URL rewriting.
  • Cookies maintain data on client side.
  • Cookies simplifies the application logic when compared to query strings.

 

Following are the disadvantages of cookies:

  • Cookies are not secure.
  • Cookies are HTTP specific.
  • Cookies size is limited (4KB in general).
  • Cookies can be disabled on client side.

 

Following example demonstrates storing and retrieving cookies:

 

cookies.html

 

AddCookies.java

 

login.html

 

ValidServ.java

 

Video: Cookies

 

Session Object

 

Session object allows the user to store session data on the server-side. This may be a burden on the server if the application is accessed by large number of users. Servlet API provides HttpSession interface to manage the session objects.

 

We can get the reference of a session object by calling  getSession() of HttpServletRequest as shown below:

HttpSession  session = request.getSession();

 

HttpSession interface provides the following functionality:

  • Object getAttribute(String  name)
  • Enumeration getAttributeNames()
  • String getId()
  • void  invalidate()
  • void setAttribute(String name, Object value)
  • void removeAttribute(String name)

 

Following example demonstrates adding and retrieving data from a session object:

login.html

 

createSession.java

 

userHome.java

 

Video: Session Object

Suryateja Pericherla

Suryateja Pericherla

Hello, I am Suryateja Pericherla working as an Asst. Professor in CSE department at Vishnu Institute of Technology. I write articles to share my knowledge and make people knowledgeable regarding certain topics.
Suryateja Pericherla

Latest posts by Suryateja Pericherla (see all)

Related Links:

Note: Do you have a question on this article or have a suggestion to make this article better? You can ask or suggest us by filling in the below form. After commenting, your comment will be held for moderation and will be published in 24-48 hrs.

Leave a Reply

Scroll Up