Chapter 4 - Session Management
The HTTP protocol and web servers are stateless. This means that, to the web server, every request is a new request to process, and it cannot tell whether a request comes from a client that has already been sending requests.
A session is a conversational state between client and server, and it can consist of multiple requests and responses between client and server.
Since HTTP and the web server are both stateless, the way to maintain a session is to pass some unique information about the session between server and client in every request and response.
There are several ways to provide a unique identifier in the request and response:
- User Authentication – The user provides authentication credentials from the login page, and the authentication information is then passed between server and client to maintain the session.
- HTML Hidden Field – A unique hidden field is created in the HTML, and when the user starts navigating, its value is set to one unique to the user to keep track of the session.
- URL Rewriting – A session identifier parameter is appended to every request and response to keep track of the session. Because the parameter has to be tracked in every response, it must not clash with other parameters.
- Cookies – Cookies are small pieces of information that the web server sends in a response header and that are stored in the browser. When the client makes further requests, it adds the cookie to the request header, and the cookie is used to keep track of the session.
- Session Management API – The Session Management API is built on top of these methods for session tracking.
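The cookie round trip from the Cookies item above, written out as an added example (not code from this tutorial and not its ServletCookieExample project): plain JDK code plays both the server and the browser, so it runs without a servlet container. The cookie name SESSIONID, the in-memory session store and the user alice are assumptions made for the illustration.

```java
import java.security.SecureRandom;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;

// Added example: cookie-based session tracking without a servlet container.
public class CookieSessionDemo {
    static final String COOKIE_NAME = "SESSIONID";             // assumed cookie name
    static final SecureRandom RNG = new SecureRandom();
    static final Map<String, String> SESSIONS = new ConcurrentHashMap<>(); // id -> user

    // Server, after a successful login: create a session, return the Set-Cookie value.
    static String issueCookie(String user) {
        byte[] raw = new byte[16];                              // 128 bits from a CSPRNG
        RNG.nextBytes(raw);
        String id = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        SESSIONS.put(id, user);
        // HttpOnly hides the cookie from page scripts; Secure restricts it to HTTPS.
        return COOKIE_NAME + "=" + id + "; Path=/; HttpOnly; Secure; SameSite=Lax";
    }

    // Browser: keep only the name=value pair and send it back in the Cookie header.
    static String toCookieHeader(String setCookie) {
        return setCookie.split(";", 2)[0].trim();
    }

    // Server, on every later request: map the Cookie header back to a user, or null.
    static String resolveUser(String cookieHeader) {
        if (cookieHeader == null) return null;                  // first visit: no cookie yet
        for (String pair : cookieHeader.split(";")) {
            String[] kv = pair.trim().split("=", 2);
            if (kv.length == 2 && kv[0].equals(COOKIE_NAME)) {
                return SESSIONS.get(kv[1]);                     // unknown id -> null
            }
        }
        return null;
    }

    public static void main(String[] args) {
        String setCookie = issueCookie("alice");                // constructed sample user
        String cookie = toCookieHeader(setCookie);
        System.out.println("Set-Cookie: " + setCookie);
        System.out.println("Cookie: " + cookie);
        System.out.println("known id  -> " + resolveUser("theme=dark; " + cookie));
        System.out.println("no cookie -> " + resolveUser(null));
        System.out.println("forged id -> " + resolveUser(COOKIE_NAME + "=guessed"));
    }
}
```

The cookie carries only a random identifier; the user name stays in the server-side store, so a missing or guessed identifier resolves to no session.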
Session Management using Cookies
Cookies are used in web applications to personalize the response based on session tracking. Before moving forward to the Servlet Session Management API.
Create a dynamic web application named ServletCookieExample, as shown in the following image:
[Image: Session Management J2EE]