Session Handling

Why we need to track Session Data ??

HTTP is a stateless protocol, which means that whenever a client sends a request to the web server, and once the web server processes the request and provides a response to the client, then the server will not maintain any information about the client.

Every time a client sends a request to the web server, a new connection will always be established with the server.

This has problems when developing enterprise web applications.

For example, in most of the web applications, we can observe that we will have a login page where we provide the user name and password. And once the user credentials are validated, then we will be redirected to the default page of the web site.

Whenever we navigate within the web application, we can observe the user details that we have provided at the login page will be used across the pages present within the web app.

We usually observe this type of requirement in web applications such as email application, shopping carts, chat applications, forums, etc.

Session simply means a particular interval of time.

Session Tracking is a way to maintain state (data) of an user. It is also known as session management in servlet.

Http protocol is a stateless so we need to maintain state using session tracking techniques. Each time user requests to the server, server treats the request as the new request. So we need to maintain the state of an user to recognize to particular user.

HTTP is stateless that means each request is considered as the new request. It is shown in the figure given below:

session tracking

Session Tracking Techniques

There are four techniques used in Session tracking:

  1. Hidden Form Field
  2. URL Rewriting
  3. Cookies
  4. HttpSession

 

Hidden Form Fields 

Hidden Form field is an HTML form element which is used to store the value similar to the TextBox element. This element can store the value, but it will not be visible on the page.

Syntax :

servlets23

This approach is better if we have to submit form in all the pages and we don’t want to depend on the browser.

Pros :

  • It will always work whether cookie is disabled or not. It is supported by all browsers.

Cons :

  • It is maintained at server side.
  • Extra form submission is required on each pages. Mandatory to submit data at every page.
  • Only textual information can be used.

 

URL Rewriting :