By default all web application are stateless web application that means web applications can not use first request data for second request.this is called stateless.
But we can use one of the following four session tracking techniques to make them "stateless"
By using above techniques we can make to use first request data for second request data.this state is called state full
Session tracking technique makes web application to remember client data across the multiple requests during a session that means while processing second request we can use first request data similarly while processing third request we can use first and second request data and so on
HiddenForm Fields:
<form action="url" metho="get/post">
<input type="hidden" name="h1" value="hello"></input>
<input type="submit" value="send"></input>
</form>
Example program
But we can use one of the following four session tracking techniques to make them "stateless"
1.Hidden form fields
2.Cookies
3.HttpSession with Cookies
4.HttpSession with url rewriting
By using above techniques we can make to use first request data for second request data.this state is called state full
Session tracking technique makes web application to remember client data across the multiple requests during a session that means while processing second request we can use first request data similarly while processing third request we can use first and second request data and so on
HiddenForm Fields:
- it is an invisible hidden component of form page
- when form is submitted this hidden box data goes to server as request parameter value
example
<form action="url" metho="get/post">
<input type="hidden" name="h1" value="hello"></input>
<input type="submit" value="send"></input>
</form>
Example program
In above program user enters name,age in one.jsp, now for username hidden field is created in two.jsp,three.jsp
To Download example program
Advantages of Hidden fields
- Basic Html knowledge is enough to work
- We can use both GenericServlet,HttpServlet
- This Technique works with both java and non-java webserver and application server
Dis Advantages of Hidden fields
- Hidden box values can be viewed by using the view source option
- we can't store java objects
- lack of Security
Note:Only hidden fields works with java and non-java programs. but remaining things works with only java
2.Cookies
HttpCookies are small textual information which allocates memory at client side remembering client data across the multiple request given to web application
Server creates cookies and it sends back to client(browser) along with the response and for each time this cookies goes back to server along with request object
cookies are two types
1. Inmemory cookies/ Persession cookies
2. Persistant cookies
1.Inmemory cookies does not have any expire time but once browser is closed these cookies will be deleted automatically.
2.Persistent cookies is having expiry time and allocates memory in client side. once browser is closed persistent cookies will not be deleted but after completed expire time these cookies will be deleted.
Every cookie contains a name holding value this name and value must be string information.
Maintaining cookies
a)create cookie
Cookie ck=new Cookie("key1","val1");
response.addCookie(ck);
b)now ck is inmemory cookie. to make inmemory cookie to persistent cookie
ck.setMaxAge(1800); i.e 1800 sec (30 min)
response.addCookie(ck);
c) To read all cookies from request object
Cookie ck[]=request.getCookies();
for(int i=0;i<ck.length;i++)
{
Cookie ck1==ck[i];
System.out.println(ck1.getName+" "+ck1.getValue());
}
d) delete cookie
we can not delete cookie programtically if it is in-memory cookie it will be deleted after browser is closed. if it is persistent cookie it will be deleted after expire time
For above diagram sample project is
Advantages of Cookies
- This technique works with all web server and application server
- Stores Client data at client side. so this technique does not give burden to server
Dis Advantages of Cookies
- Cookies can not store java object. it can only store String values
- Cookies travel along with request and response over network so they increases network traffic between client and web server
- cookies can be deleted explicitly by using browser window option
- if user restricted cookies this technique can not work
Http Session with Cookies based Session Tracking Technique
Http Session object allocates memory on the server one per client basis or one per browser.
Session object stores the values in the form of attributes at server side. but every session is having one id. that id comes back to browser along with response object to the browser. this id will be stored in the form cookies
with respect to above diagram
- For Browser1 HttpSession object memory is create at server side but that id is stored in browser side in the form of cookies jsession id
- like that for browser2 separate HttpSession object memory is created at server side that id is stored in client side in the form of Cookies
Note: Every Http Session is having one id that id is called Jsession id
- To create HttpSession object
- HttpSession ses=request.getSession();
- HttpSession ses=request.getSession(true);
- HttpSession ses=request.getSession(false);
- HttpSession ses=request.getSession()
- it creates Session. if Session is already existed then it takes the reference of that session. if Session is not created then it creates a new session
- HttpSession ses=request.getSession()
- it is same as previous one
- HttpSession ses=request.getSession(0
- can't create new session object for browser window on the server but give access to existing session object. when session object is not available for browser window if this method is called we will get null as the return value
- To store Attributes
- session.setAttribute("key1",Object)
- To Remove attribute
- session.removeAttribute("key1");
- To get Attribute
- Object obj=session.getAttribute("key1");
- To known Sessionid
- String id=session.getId();
- To known last accessed time of Session object
- long ms=session.getLastAccessedTime();
- To Invalidate the Session
- session.inValidate();
For Example Program Click Here
Advantages of HttpSession
- Client Data will be stored in the server So it won't travel in network along with request and response object. this gives data security
- The Session attribute object stores java objects as values
- This technique works with all servers
- This technique allows the programmer to invalidate session explicitly and to invalidate session by specifying maximum inactive interval period
Dis Advantages
- if cookies are restricted to coming browser window this technique falis
- if cookies are deleted in the middle of session then this technique fails
HttpSession with URL Rewriting
- This technique is same as the HttpSession with cookies. But the methodology of sending session id to browser window from web application and bringing that session id back to web application to browser window will be different
- In HttpSession with cookies technique session id goes to browser window in the form of cookies if cookies are restricted coming to browser window this technique fails
- To overcome this problem the session id will be appended to the url in web application
response.endcodeUrl("s2url");
i.e
pw.println("<form action="+res.encodeURL("secondservlet")+"method='get'>");
Sample Project
No comments:
Post a Comment